urlscan.io logo urlscan.io
SecurityTrails logo

www.bahn.de Open in urlscan Pro
23.35.228.145  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.bahn.de/buchung/fahrplan/suche#sts=true&so=berlin&zo=freiburg(breisgau)%20hbf&kl=2&r=13:16:klassenlos:1&...
Effective URL: https://www.bahn.de/buchung/fahrplan/suche
Submission: On October 04 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 3 domains to perform 164 HTTP transactions. The main IP is 23.35.228.145, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.bahn.de. The Cisco Umbrella rank of the primary domain is 29693.
TLS certificate: Issued by DigiCert Global CA G2 on March 1st 2023. Valid for: a year.
This is the only time www.bahn.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
149 23.35.228.145 16625 (AKAMAI-AS)
4 2a02:26f0:710... 20940 (AKAMAI-ASN1)
6 2600:9000:224... 16509 (AMAZON-02)
1 2 81.200.195.195 34156 (BAHN-AS-BLN)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
164 6
149    23.35.228.145 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-145.deploy.static.akamaitechnologies.com
www.bahn.de
4    2a02:26f0:7100::5f64:87a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.static-bahn.de
6    2600:9000:224a:5800:c:198:5740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cms.static-bahn.de
2    81.200.195.195 (Frankfurt am Main, Germany)

ASN34156 (BAHN-AS-BLN, DE)
accounts.bahn.de
4    2a02:26f0:3500:18::1724:a28e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p11.techlab-cdn.com
Apex Domain
Subdomains		 Transfer
151 bahn.de
www.bahn.de — Cisco Umbrella Rank: 29693
accounts.bahn.de — Cisco Umbrella Rank: 64509
2 MB
10 static-bahn.de
assets.static-bahn.de — Cisco Umbrella Rank: 113601
cms.static-bahn.de — Cisco Umbrella Rank: 133655
243 KB
4 techlab-cdn.com
p11.techlab-cdn.com — Cisco Umbrella Rank: 5051
59 KB
164 3
Domain Requested by
149 www.bahn.de www.bahn.de
cms.static-bahn.de
6 cms.static-bahn.de www.bahn.de
cms.static-bahn.de
4 p11.techlab-cdn.com www.bahn.de
4 assets.static-bahn.de www.bahn.de
2 accounts.bahn.de 1 redirects www.bahn.de
164 5

This site contains links to these domains. Also see Links.

Domain
int.bahn.de
www.deutschebahn.com
Subject Issuer Validity Valid
www.bahn.de
DigiCert Global CA G2		 2023-03-01 -
2024-03-31		 a year crt.sh
subsites.bahn.de
R3		 2023-09-30 -
2023-12-29		 3 months crt.sh
cms.static-bahn.de
Amazon RSA 2048 M02		 2023-09-23 -
2024-10-21		 a year crt.sh
idm.dbv.service.deutschebahn.com
R3		 2023-08-11 -
2023-11-09		 3 months crt.sh
p11.techlab-cdn.com
R3		 2023-08-31 -
2023-11-29		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.bahn.de/buchung/fahrplan/suche
Frame ID: 8C9BE79F398A81079095B3C04A8C68C6
Requests: 167 HTTP requests in this frame

Frame: https://www.bahn.de/.resources/bahn-common-light/webresources/assets/html/auth.v1.html
Frame ID: 741B17876BE3BF35107F942554C9EFE6
Requests: 1 HTTP requests in this frame

Frame: https://www.bahn.de/.resources/bahn-common/webresources/storage/index.html
Frame ID: 167DA995FEEA5DDAD627646590A1CC30
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hinfahrt

Page Statistics

164
Requests

100 %
HTTPS

60 %
IPv6

3
Domains

5
Subdomains

6
IPs

2
Countries

2017 kB
Transfer

6452 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/auth?redirect_uri=https%3A%2F%2Fwww.bahn.de%2F.resources%2Fbahn-common-light%2Fwebresources%2Fassets%2Fhtml%2Fauth.v1.html&client_id=kf_web&response_type=code&state=AAzjsm8Frh&scope=openid%20vendo&response_mode=fragment&prompt=none&code_challenge=suhVpSbkhyOp4aYsLF9qqbNmGTlK0In5sKXVUXUSx7c&code_challenge_method=S256 HTTP 302
  • https://www.bahn.de/.resources/bahn-common-light/webresources/assets/html/auth.v1.html

164 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request suche
www.bahn.de/buchung/fahrplan/ 		25 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/buchung/fahrplan/suche
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
82183de0e8606d94a01ce8ed116ca5f7d99160c489d8040062ca37de9202beff
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=248
content-encoding
gzip
content-length
6319
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-type
text/html;charset=UTF-8
date
Wed, 04 Oct 2023 10:15:02 GMT
expires
Wed, 04 Oct 2023 10:19:10 GMT
last-modified
Wed, 04 Oct 2023 10:13:51 GMT
server-timing
intid;desc=2f6e500ce1abb79b
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
sameorigin SAMEORIGIN
x-xss-protection
1; mode=block
auth.005d1528f40056583259.js
www.bahn.de/.resources/bahn-common-light/webresources/js/ 		2 MB
386 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/.resources/bahn-common-light/webresources/js/auth.005d1528f40056583259.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
139cddf8500d9ce3ae43f24f3c589680f8ea9a032a19a8531b02176dd0b0a4ad
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/buchung/fahrplan/suche
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:02 GMT
last-modified
Wed, 27 Sep 2023 15:42:36 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
x-frame-options
sameorigin, SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=31536000
content-length
393003
x-xss-protection
1; mode=block
expires
Thu, 03 Oct 2024 10:15:02 GMT
main.059e2c30b2a94d6e1b52.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 		239 KB
143 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/.resources/bahn-common-light/webresources/css/main.059e2c30b2a94d6e1b52.css
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
de74275e4a216a676a67f7bde46deed4ff31041af23285c17331b2fb633db120
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/buchung/fahrplan/suche
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:02 GMT
last-modified
Fri, 22 Sep 2023 07:01:59 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
x-frame-options
sameorigin, SAMEORIGIN
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
public, max-age=31536000
server-timing
intid;desc=9cc9e3bac58ecf21
content-length
144067
x-xss-protection
1; mode=block
expires
Thu, 03 Oct 2024 10:15:02 GMT
link-list.bb4d54ec0edc2a358c6a.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 		955 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/.resources/bahn-common-light/webresources/css/link-list.bb4d54ec0edc2a358c6a.css
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a6c15f31adf98b1b6d38c8b1afb9113630e7730b29ca1381f069cb31099d8a6b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/buchung/fahrplan/suche
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:02 GMT
last-modified
Fri, 22 Sep 2023 07:01:59 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
x-frame-options
sameorigin, SAMEORIGIN
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
public, max-age=31536000
server-timing
intid;desc=6d623ef5572131d9
content-length
278
x-xss-protection
1; mode=block
expires
Thu, 03 Oct 2024 10:15:02 GMT
highlight-icon.b34247ef4d51c10c0c47.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 		28 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/.resources/bahn-common-light/webresources/css/highlight-icon.b34247ef4d51c10c0c47.css
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4a99e4fd02590f62df0fad869eb24cd14358e36433bc6c891c2dd07a11b33dd5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/buchung/fahrplan/suche
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:02 GMT
last-modified
Fri, 22 Sep 2023 07:01:59 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
x-frame-options
sameorigin, SAMEORIGIN
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
public, max-age=31536000
server-timing
intid;desc=765fe33cb2809e93
content-length
8451
x-xss-protection
1; mode=block
expires
Thu, 03 Oct 2024 10:15:02 GMT
business.1d1f0790e5cf0b9ce32b.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/.resources/bahn-common-light/webresources/css/business.1d1f0790e5cf0b9ce32b.css
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5d7f7c81dcf84f3c857053816c76333720a88fadcc1f9139ae45d447e0bcb1f8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/buchung/fahrplan/suche
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:02 GMT
last-modified
Fri, 22 Sep 2023 07:01:59 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
x-frame-options
sameorigin, SAMEORIGIN
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
public, max-age=31536000
server-timing
intid;desc=7a690c2012677dc3
content-length
949
x-xss-protection
1; mode=block
expires
Thu, 03 Oct 2024 10:15:02 GMT
db-logo.svg
assets.static-bahn.de/dam/jcr:47b6ca20-95d9-4102-bc5a-6ebb5634f009/ 		828 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.static-bahn.de/dam/jcr:47b6ca20-95d9-4102-bc5a-6ebb5634f009/db-logo.svg
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::5f64:87a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
da1617a9a8adfeacee06c6271bcc53eb9017109ad3e1125488d676190dc5affe
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; connect-src 'self' https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.secure.force.com; frame-ancestors 'self'; style-src 'self' https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de;
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; connect-src 'self' https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.secure.force.com; frame-ancestors 'self'; style-src 'self' https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de;
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:02 GMT
content-encoding
gzip
content-disposition
attachment; filename="db-logo.svg"
server-timing
intid;desc=1c92b10dce63999f
content-length
480
x-xss-protection
1; mode=block
last-modified
Wed, 23 Mar 2022 14:18:43 GMT
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
image/svg+xml;charset=UTF-8
access-control-allow-origin
https://www.bahn.de
cache-control
public, max-age=2592000
expires
Fri, 03 Nov 2023 10:15:02 GMT
app.bb1da40a.js
www.bahn.de/web/js/ 		253 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/app.bb1da40a.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1a7f4dbf1b57526c745b8370c5c3cb4562f4cf4fb07fd058b8a0fcf302b2b5cb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/buchung/fahrplan/suche
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:02 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-3f5f4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=a7bcc48c2085d4f3, intid;desc=a7bcc48c2085d4f3
accept-ranges
bytes
content-length
52566
x-xss-protection
1; mode=block
common.c1555c21.js
www.bahn.de/web/js/ 		142 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/common.c1555c21.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d3b32f5d3b6e446280286567ffc4bed09749461589fe595fc5605c82acc99ac3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/buchung/fahrplan/suche
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:02 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-23783"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=2e1e3406ee47add6, intid;desc=2e1e3406ee47add6
accept-ranges
bytes
content-length
54508
x-xss-protection
1; mode=block
common.64478605.js
www.bahn.de/web/js/ 		588 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/common.64478605.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3b181c8243f38def2dec1bce7507f716f40a8257cd668dc47e20e6baa4753190
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/buchung/fahrplan/suche
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:02 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-930eb"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=632952d8fa13bf82, intid;desc=632952d8fa13bf82
accept-ranges
bytes
content-length
179538
x-xss-protection
1; mode=block
style.4bc061cf.css
www.bahn.de/web/css/ 		669 KB
112 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/css/style.4bc061cf.css
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
14a32a2d64b2e8f30e4e67a7c1cad7cc0094a2de13fafc2ad0ae470cb8a54f4c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/buchung/fahrplan/suche
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:02 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-a73c3"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=68bc7f86e88e01d3, intid;desc=68bc7f86e88e01d3
accept-ranges
bytes
content-length
114544
x-xss-protection
1; mode=block
footer-image-bar.5872887289bf1e67ceb8.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/.resources/bahn-common-light/webresources/css/footer-image-bar.5872887289bf1e67ceb8.css
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eaa6397295435a5c32ba615dcaa627149c1a5beccf7220e06349726093c951f5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/buchung/fahrplan/suche
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:02 GMT
last-modified
Fri, 22 Sep 2023 07:01:59 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
x-frame-options
sameorigin, SAMEORIGIN
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
public, max-age=31536000
server-timing
intid;desc=3d68a8ce93c1bcab
content-length
456
x-xss-protection
1; mode=block
expires
Thu, 03 Oct 2024 10:15:02 GMT
Creditcard_32.svg
assets.static-bahn.de/dam/jcr:8fcf78a6-ff6b-4c3f-8e22-fd7edca45ed3/ 		1 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.static-bahn.de/dam/jcr:8fcf78a6-ff6b-4c3f-8e22-fd7edca45ed3/Creditcard_32.svg
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::5f64:87a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
00521230e8053624727f59a5e5bfebb162b1e43a102925c1b97661d2d5ead7b3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:02 GMT
content-encoding
gzip
content-disposition
attachment; filename="Creditcard_32.svg"
server-timing
intid;desc=e684c9f71b3e536b
content-length
627
x-xss-protection
1; mode=block
last-modified
Wed, 15 Feb 2023 10:50:04 GMT
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
image/svg+xml;charset=UTF-8
access-control-allow-origin
https://www.bahn.de
cache-control
public, max-age=2592000
expires
Fri, 03 Nov 2023 10:15:02 GMT
paypal.svg
assets.static-bahn.de/dam/jcr:41560da4-1f88-47f5-be6a-6a8db627f24f/ 		11 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.static-bahn.de/dam/jcr:41560da4-1f88-47f5-be6a-6a8db627f24f/paypal.svg
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::5f64:87a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e349f08ef2bbd0b0cbf65b912d0d1a9a6409253b7ab8e979473e0c3ce5deea07
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; connect-src 'self' https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de;
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; connect-src 'self' https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de;
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:02 GMT
content-encoding
gzip
content-disposition
attachment; filename="paypal.svg"
server-timing
intid;desc=7f693fe7b337532f
content-length
4621
x-xss-protection
1; mode=block
last-modified
Wed, 15 Feb 2023 10:49:07 GMT
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
image/svg+xml;charset=UTF-8
access-control-allow-origin
https://www.bahn.de
cache-control
public, max-age=2592000
expires
Fri, 03 Nov 2023 10:15:02 GMT
sepa-logo-icon.svg
assets.static-bahn.de/dam/jcr:b999fc06-d39b-41f0-b107-9c53129c173d/ 		1 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.static-bahn.de/dam/jcr:b999fc06-d39b-41f0-b107-9c53129c173d/sepa-logo-icon.svg
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::5f64:87a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c545a5aa779cc7b3fc5906069b3885f4279234891a9de0cfbd677a6cbd3a5d76
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:02 GMT
content-encoding
gzip
content-disposition
attachment; filename="sepa-logo-icon.svg"
server-timing
intid;desc=21dbf80221381c0d
content-length
705
x-xss-protection
1; mode=block
last-modified
Wed, 15 Feb 2023 10:52:39 GMT
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
image/svg+xml;charset=UTF-8
access-control-allow-origin
https://www.bahn.de
cache-control
public, max-age=2592000
expires
Fri, 03 Nov 2023 10:15:02 GMT
scripts.083db41f46258c828041.js
www.bahn.de/.resources/bahn-common-light/webresources/js/ 		279 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts.083db41f46258c828041.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
323bf5ff1cabaa721d479f66665936c138ecccbc492dc1a9170cc50c38ee8c00
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/buchung/fahrplan/suche
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:02 GMT
last-modified
Wed, 27 Sep 2023 15:42:36 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
x-frame-options
sameorigin, SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=31536000
content-length
77255
x-xss-protection
1; mode=block
expires
Thu, 03 Oct 2024 10:15:02 GMT
fSuggest_v1512-cms.min.js
www.bahn.de/.resources/bahn-common-light/webresources/assets/js/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/.resources/bahn-common-light/webresources/assets/js/fSuggest_v1512-cms.min.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d94894332082135766996807fe098b2f2a37b74f2f09bbc218578d9ff9981a53
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/buchung/fahrplan/suche
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:02 GMT
last-modified
Fri, 22 Sep 2023 07:01:03 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
x-frame-options
sameorigin, SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=31536000
server-timing
intid;desc=25b8fbda063f6ced
content-length
5903
x-xss-protection
1; mode=block
expires
Thu, 03 Oct 2024 10:15:02 GMT
fSuggest_toptreffer.min.js
www.bahn.de/.resources/bahn-common-light/webresources/assets/js/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/.resources/bahn-common-light/webresources/assets/js/fSuggest_toptreffer.min.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4c9951d2e91bf613d354f4d2f20d69df0ae3bcfffcef1b5abded73f584a10730
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/buchung/fahrplan/suche
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:02 GMT
last-modified
Fri, 22 Sep 2023 07:01:03 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
x-frame-options
sameorigin, SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=31536000
server-timing
intid;desc=67e9e54cad722265
content-length
7674
x-xss-protection
1; mode=block
expires
Thu, 03 Oct 2024 10:15:02 GMT
truncated
/ 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbd5a134190030a84e4648653bace9063f9de7c02c7d0a87d93bc37bfa087018

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		428 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8e2e1a340e5f7ec9d39d04a6192fa216bf444f848e45753e3b7f9ee44f2ce59

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6565f827b8c4678937e4e26f98779af77304e1d87f3e81ebbafcc51b34cf7f9c

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
application/x-font-woff2;charset=utf-8
truncated
/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e04ee1aeda1980025084d1393df4f306c133bea1e4efb09747cbd73ec9af537

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
application/x-font-woff2;charset=utf-8
truncated
/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac850d458b1443353c2e4acf1dfbcc8ef559a4c3a54477156f89dba9d8ff5f09

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
application/x-font-woff2;charset=utf-8
utag.js
cms.static-bahn.de/tms/next-main/ 		229 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cms.static-bahn.de/tms/next-main/utag.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:5800:c:198:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89a9d1299ed9da2a2e1326ae9883b83156c1a7b3c2dd83298065856ce8d2af00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
txegWVKx0EFhjQYxYDivSqW9Pb0uX.ML
content-encoding
gzip
via
1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
date
Tue, 03 Oct 2023 14:45:58 GMT
last-modified
Thu, 28 Sep 2023 14:45:41 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
70145
x-amz-server-side-encryption
AES256
etag
W/"be364651c8ded87a6fb8b9a0315baee4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
nwPLKsThyebi3jGLHQyiAdP1auVVbEp0e4g4DRYacth-sBM8FeAo8w==
openid-configuration
accounts.bahn.de/auth/realms/db/.well-known/ 		8 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accounts.bahn.de/auth/realms/db/.well-known/openid-configuration
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/auth.005d1528f40056583259.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.200.195.195 Frankfurt am Main, Germany, ASN34156 (BAHN-AS-BLN, DE),
Reverse DNS
Software
/
Resource Hash
428615e7a7cea3bf84038bf8cd8fc3dffb0814b6f29e4cc9090800043dd9c1af
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://*.hcaptcha.com
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.bahn.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Wed, 04 Oct 2023 10:15:02 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
X-Frame-Options
ALLOW-FROM https://*.hcaptcha.com
Content-Type
application/json
Access-Control-Allow-Origin
https://www.bahn.de
Cache-Control
no-cache, must-revalidate, no-transform, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
server-timing
intid;desc=c7efd20acba9928c, intid;desc=c7efd20acba9928c
Content-Length
8390
X-XSS-Protection
1; mode=block
desktop
www.bahn.de/.rest/navigation/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/.rest/navigation/desktop?root=a5a66ce9-1eaa-41d7-87d4-1c9e52ea2bb1&loc=VENDO&language=de&productSite=true&linkPrefix=
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts.083db41f46258c828041.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b9ab3b91e81df19544a3cd7eff4ee086c2410290b354f9df46a2af7a7d0bf18e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/buchung/fahrplan/suche
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:02 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
x-frame-options
sameorigin, SAMEORIGIN
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
public, max-age=113
server-timing
intid;desc=dd10dcc150da1177, intid;desc=dd10dcc150da1177
content-length
1549
x-xss-protection
1; mode=block
expires
Wed, 04 Oct 2023 10:16:55 GMT
vendors~faq-search-with-filter~loginButton~vue-disruption-news~vue-navigation-mobile~vue-overlay~vue~2e19f125.5d2587c9613036096667.js
www.bahn.de/.resources/bahn-common-light/webresources/js/ 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/.resources/bahn-common-light/webresources/js/vendors~faq-search-with-filter~loginButton~vue-disruption-news~vue-navigation-mobile~vue-overlay~vue~2e19f125.5d2587c9613036096667.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts.083db41f46258c828041.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
881a1d7d872eaccf6fe4aeeb45d1d9ddc447f1920c5f39042d8f9b7f2e0e9e1b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/buchung/fahrplan/suche
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:02 GMT
last-modified
Wed, 27 Sep 2023 15:42:36 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
x-frame-options
sameorigin, SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=31536000
server-timing
intid;desc=e8b382c59b9ebd77
content-length
28685
x-xss-protection
1; mode=block
expires
Thu, 03 Oct 2024 10:15:02 GMT
vue-popup.8efee66c99faa474b322.js
www.bahn.de/.resources/bahn-common-light/webresources/js/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/.resources/bahn-common-light/webresources/js/vue-popup.8efee66c99faa474b322.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts.083db41f46258c828041.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0916d403cbeb57dc9a31a9bba0a091e4ed46dd869a713b7cd8a4fb73d9d4f0a0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/buchung/fahrplan/suche
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:02 GMT
last-modified
Wed, 27 Sep 2023 15:42:36 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
x-frame-options
sameorigin, SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=31536000
server-timing
intid;desc=e0c4269e0120ce7d
content-length
8132
x-xss-protection
1; mode=block
expires
Thu, 03 Oct 2024 10:15:02 GMT
content-teaser-dropdown.288010158fa216412775.js
www.bahn.de/.resources/bahn-common-light/webresources/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/.resources/bahn-common-light/webresources/js/content-teaser-dropdown.288010158fa216412775.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts.083db41f46258c828041.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fbe39ef693a0f169e8e3083b49a5f35d09446494320f3102a66d24858e46077e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/buchung/fahrplan/suche
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:02 GMT
last-modified
Wed, 27 Sep 2023 15:42:36 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
x-frame-options
sameorigin, SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=31536000
server-timing
intid;desc=d1afa0e026311ae5
content-length
1155
x-xss-protection
1; mode=block
expires
Thu, 03 Oct 2024 10:15:02 GMT
loginButton.31848d42a1d58e707276.js
www.bahn.de/.resources/bahn-common-light/webresources/js/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/.resources/bahn-common-light/webresources/js/loginButton.31848d42a1d58e707276.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts.083db41f46258c828041.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
de21bc82db33855aedea91f0cb1f47a17b9ccc95eb77c24eb9c8b50a85ec09de
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/buchung/fahrplan/suche
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:02 GMT
last-modified
Wed, 27 Sep 2023 15:42:36 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
x-frame-options
sameorigin, SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=31536000
server-timing
intid;desc=10afaa558503721f
content-length
8391
x-xss-protection
1; mode=block
expires
Thu, 03 Oct 2024 10:15:02 GMT
consent-layer-loader.js
cms.static-bahn.de/cms/consent-layer/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cms.static-bahn.de/cms/consent-layer/js/consent-layer-loader.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:5800:c:198:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d8fea9497de85611317b7695d7c44e56ea5b727f81d5ae05288f3593704847c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
ZLfOUWBG3uPzwvXkc2.TPm1SUEX8.hkR
content-encoding
gzip
via
1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
date
Tue, 03 Oct 2023 14:46:13 GMT
last-modified
Thu, 28 Sep 2023 14:44:23 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
70130
x-amz-server-side-encryption
AES256
etag
W/"0c137a5718b50fd93b11e49adbfc7162"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
AXHI0mM1OI2cBeDdfUTuNgQBkaudw_mZYhYF-TqeZVHJMXOnUzYT8Q==
auth.v1.html
www.bahn.de/.resources/bahn-common-light/webresources/assets/html/ Frame 741B
Redirect Chain
  • https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/auth?redirect_uri=https%3A%2F%2Fwww.bahn.de%2F.resources%2Fbahn-common-light%2Fwebresources%2Fassets%2Fhtml%2Fauth.v1.html&client_id=...
  • https://www.bahn.de/.resources/bahn-common-light/webresources/assets/html/auth.v1.html
0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/.resources/bahn-common-light/webresources/assets/html/auth.v1.html
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/auth.005d1528f40056583259.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-type
text/html;charset=UTF-8
date
Wed, 04 Oct 2023 10:15:02 GMT
expires
Thu, 03 Oct 2024 10:15:02 GMT
last-modified
Fri, 22 Sep 2023 07:01:04 GMT
server-timing
intid;desc=d3ec31d3ddc00697
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
sameorigin SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Date
Wed, 04 Oct 2023 10:15:02 GMT
Location
https://www.bahn.de/.resources/bahn-common-light/webresources/assets/html/auth.v1.html#error=login_required&state=AAzjsm8Frh
Referrer-Policy
no-referrer
Server-Timing
intid;desc=5fd4a1e0797d8655
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
server-timing
intid;desc=5fd4a1e0797d8655
consent-layer-standalone.7c59adb64d8e570e3f31.js
cms.static-bahn.de/cms/consent-layer/js/ 		177 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cms.static-bahn.de/cms/consent-layer/js/consent-layer-standalone.7c59adb64d8e570e3f31.js
Requested by
Host: cms.static-bahn.de
URL: https://cms.static-bahn.de/cms/consent-layer/js/consent-layer-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:5800:c:198:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f1c3fd1b87a4d5158d2d27d16b6d91b0d832d603b46629cf122406a9cc1245b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
TFV1F419WmVaKkVlJ7swD6UB01bgoL9Z
content-encoding
gzip
via
1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
date
Tue, 03 Oct 2023 14:46:28 GMT
last-modified
Thu, 28 Sep 2023 14:44:23 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
70115
x-amz-server-side-encryption
AES256
etag
W/"524bd54fd2b20b47d6a4055e1da7eb35"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
f-wgv4d0sNQC1imgw6wo3dUwWTABZZx8QSxs_f3Dx7Hf40g0fiwcLA==
consent-layer.a6936409f7230730e62c.js
cms.static-bahn.de/cms/consent-layer/js/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cms.static-bahn.de/cms/consent-layer/js/consent-layer.a6936409f7230730e62c.js
Requested by
Host: cms.static-bahn.de
URL: https://cms.static-bahn.de/cms/consent-layer/js/consent-layer-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:5800:c:198:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c218c5c7cf3efee5ee209afd9aaf572e2fda606beef7da32d4c12acc6d04f2c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
BwFLvknePm.M4bPY9wQOdJHUmGHDvufp
content-encoding
gzip
via
1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
date
Tue, 03 Oct 2023 14:46:28 GMT
last-modified
Thu, 28 Sep 2023 14:44:23 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
70115
x-amz-server-side-encryption
AES256
etag
W/"a073701f4c2b4e6146316183d7633dbe"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
pRaJbvDy4lmqfzt1uBG_mhioThDiWLHqQ_GseWuExgY-fszhb87peA==
4.5d02350526a030fd0348.js
cms.static-bahn.de/cms/consent-layer/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cms.static-bahn.de/cms/consent-layer/js/4.5d02350526a030fd0348.js
Requested by
Host: cms.static-bahn.de
URL: https://cms.static-bahn.de/cms/consent-layer/js/consent-layer-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:5800:c:198:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9562ce5831e0240ebcbaa93d8f37255835cf3a64bfa567781e547a9a71d70c76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
9Bvqh.iGNeLPdga_QMJGPXe.Sm77hgAV
content-encoding
gzip
via
1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
date
Tue, 03 Oct 2023 14:46:29 GMT
last-modified
Thu, 28 Sep 2023 14:44:23 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
70114
x-amz-server-side-encryption
AES256
etag
W/"5e927d631bdab2dda969ce64f1988c23"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
GUSWBC2qmXxOSAFa705egLsJGSLCttGzIzXPKN12zwdU4zETmuutWQ==
truncated
/ 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ba7319051bb586b77a46b5aa7a664f577f1e95a78be1129f12476deeef241c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		516 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a60a6064ac1724bb0abd0c82cc440ed072cb972ec5262430b5b42c7c859d37d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
frontend-config.json
www.bahn.de/web/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/frontend-config.json?v=2
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a71a8268750583b4aa5b6b7ee41320b2d581dd0c1688524f97889ffdf84aa759
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src https://secure.pay1.de https://jsctool.com https://www.jsctool.com https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' 'unsafe-inline' https://jsctool.com https://www.jsctool.com; font-src 'self' data:; img-src {CSP_IMG_SRC}; connect-src 'self' https://accounts.bahn.de https://bahn.de https://jsctool.com https://www.jsctool.com https://hcaptcha.com https://*.hcaptcha.com https://cdn.optimizely.com; frame-src 'self' https://secure.pay1.de https://accounts.bahn.de https://hcaptcha.com https://*.hcaptcha.com; frame-ancestors 'self'; object-src 'none'; report-uri /api/diagnostics/csp-report
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/buchung/fahrplan/suche
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'self'; script-src https://secure.pay1.de https://jsctool.com https://www.jsctool.com https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' 'unsafe-inline' https://jsctool.com https://www.jsctool.com; font-src 'self' data:; img-src {CSP_IMG_SRC}; connect-src 'self' https://accounts.bahn.de https://bahn.de https://jsctool.com https://www.jsctool.com https://hcaptcha.com https://*.hcaptcha.com https://cdn.optimizely.com; frame-src 'self' https://secure.pay1.de https://accounts.bahn.de https://hcaptcha.com https://*.hcaptcha.com; frame-ancestors 'self'; object-src 'none'; report-uri /api/diagnostics/csp-report
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:02 GMT
last-modified
Tue, 03 Oct 2023 01:38:00 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"651b7078-740"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
public, max-age=60
server-timing
intid;desc=48239d5d9765dd51, intid;desc=48239d5d9765dd51
accept-ranges
bytes
content-length
967
x-xss-protection
1; mode=block
user-context-data
www.bahn.de/web/api/kundenkonto/ 		90 B
868 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/api/kundenkonto/user-context-data?v=2
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/auth.005d1528f40056583259.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
efb6f8479192826d16401c81a6d66e06b75793cf696d4cd917084715316a4df8
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
application/json;charset=utf-8
x-correlation-id
3d949b96-0fe2-4a1c-9b47-05e22a986066_b3abe2f7-a6b4-402c-a814-5b8972bca811
Referer
https://www.bahn.de/buchung/fahrplan/suche
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type
application/json;charset=utf-8

Response headers

date
Wed, 04 Oct 2023 10:15:02 GMT
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
W/"5a-g3GO6Iib84nBrmVNuRHICMdTzDM"
vary
accept,authorization,cookie
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=60
server-timing
intid;desc=c10c697bef79b665, intid;desc=c10c697bef79b665
content-length
90
x-xss-protection
1; mode=block
stammdaten
www.bahn.de/web/api/kundenkonto/ 		57 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/api/kundenkonto/stammdaten?v=2&typ=anrede
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
70074d8ac8ccdc7215df39c8214462358c5d4c2792c0e9392a15936df938c54a
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
application/json
x-correlation-id
3d949b96-0fe2-4a1c-9b47-05e22a986066_b3abe2f7-a6b4-402c-a814-5b8972bca811
Referer
https://www.bahn.de/buchung/fahrplan/suche
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 10:15:02 GMT
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
W/"39-9Nah9k50k/Kt/nHb654ag7xw7mg"
vary
accept-language
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600, stale-while-revalidate=43200, stale-if-error=86400
server-timing
intid;desc=58e3722ea38214da, intid;desc=58e3722ea38214da
content-length
57
x-xss-protection
1; mode=block
stammdaten
www.bahn.de/web/api/kundenkonto/ 		159 B
793 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/api/kundenkonto/stammdaten?v=2&typ=titel
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2b4a1c582d29ea291030c4e91f42af2d02bca9af088e02b9342ede8fa33d9ee9
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
application/json
x-correlation-id
3d949b96-0fe2-4a1c-9b47-05e22a986066_b3abe2f7-a6b4-402c-a814-5b8972bca811
Referer
https://www.bahn.de/buchung/fahrplan/suche
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 10:15:02 GMT
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
W/"9f-a+fDIUQ3F1jDF5AbWWnNJ2dFU5U"
vary
accept-language
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600, stale-while-revalidate=43200, stale-if-error=86400
server-timing
intid;desc=97f2dc5dc1c3e5e2, intid;desc=97f2dc5dc1c3e5e2
content-length
159
x-xss-protection
1; mode=block
stammdaten
www.bahn.de/web/api/kundenkonto/ 		9 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/api/kundenkonto/stammdaten?v=2&typ=land
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0596aabb5219b7cb11cfc50ba512faafc377c9e2713b95874087330706945962
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
application/json
x-correlation-id
3d949b96-0fe2-4a1c-9b47-05e22a986066_b3abe2f7-a6b4-402c-a814-5b8972bca811
Referer
https://www.bahn.de/buchung/fahrplan/suche
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 10:15:02 GMT
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
W/"23ff-AI1Sa/rxs8T34wu+57ztDAK0o7Q"
vary
accept-language
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600, stale-while-revalidate=43200, stale-if-error=86400
server-timing
intid;desc=8290faad7326c01c, intid;desc=8290faad7326c01c
content-length
9215
x-xss-protection
1; mode=block
reisendentypen
www.bahn.de/web/api/angebote/stammdaten/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/api/angebote/stammdaten/reisendentypen?v=2
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f434baa5b2cf121c647fa72fe7d62e0a8af177a5e2f32b40aeb23477d584f29f
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
application/json
x-correlation-id
3d949b96-0fe2-4a1c-9b47-05e22a986066_b3abe2f7-a6b4-402c-a814-5b8972bca811
Referer
https://www.bahn.de/buchung/fahrplan/suche
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 10:15:02 GMT
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
W/"92b-oMSa1MdzsuXQxvgA0DrZlH8JlII"
vary
accept-language
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600, stale-while-revalidate=43200, stale-if-error=86400
server-timing
intid;desc=4b18b2813508799b, intid;desc=4b18b2813508799b
content-length
2347
x-xss-protection
1; mode=block
reisendentypen
www.bahn.de/web/api/angebote/stammdaten/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/api/angebote/stammdaten/reisendentypen?internal=true&v=2
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a9d36c1132a2b03cbfed9f0d61d37c32bccc9ef8da7658e53805271a13f09926
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
application/json
x-correlation-id
3d949b96-0fe2-4a1c-9b47-05e22a986066_b3abe2f7-a6b4-402c-a814-5b8972bca811
Referer
https://www.bahn.de/buchung/fahrplan/suche
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 10:15:02 GMT
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
W/"dd7-bVynx6kB3gHb/F90zXqv7dEeumE"
vary
accept-language
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600, stale-while-revalidate=43200, stale-if-error=86400
server-timing
intid;desc=c7866d22a4e848ba, intid;desc=c7866d22a4e848ba
content-length
3543
x-xss-protection
1; mode=block
ermaessigungsarten
www.bahn.de/web/api/angebote/stammdaten/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/api/angebote/stammdaten/ermaessigungsarten?v=2
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dcc874713fcf9a5130c5cea6aeb46cb9f44795daccea8756d32a53cae2ee28e4
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
application/json
x-correlation-id
3d949b96-0fe2-4a1c-9b47-05e22a986066_b3abe2f7-a6b4-402c-a814-5b8972bca811
Referer
https://www.bahn.de/buchung/fahrplan/suche
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 10:15:02 GMT
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
W/"6ba-0BqI/yyUXatiIOafvXhpAQgxQHs"
vary
accept-language
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600, stale-while-revalidate=43200, stale-if-error=86400
server-timing
intid;desc=ebe217c48616ce74, intid;desc=ebe217c48616ce74
content-length
1722
x-xss-protection
1; mode=block
truncated
/ 		424 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41f6cfa39b171ab33269b67f1dc29443b2ec799ea2497e727eadf525173de0e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
index.html
www.bahn.de/.resources/bahn-common/webresources/storage/ Frame 167D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/.resources/bahn-common/webresources/storage/index.html
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts.083db41f46258c828041.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f70a040de0eed0729146b03e6f276c928a98b3d60ce3b44cfbd9e4321daf60ef
Security Headers
Name Value
Content-Security-Policy default-src 'self' p11.techlab-cdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' p11.techlab-cdn.com; frame-ancestors 'self' https:; img-src 'self' data:; object-src 'none';
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/buchung/fahrplan/suche
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=300
content-encoding
gzip
content-length
849
content-security-policy
default-src 'self' p11.techlab-cdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' p11.techlab-cdn.com; frame-ancestors 'self' https:; img-src 'self' data:; object-src 'none';
content-type
text/html;charset=UTF-8
date
Wed, 04 Oct 2023 10:15:03 GMT
expires
Wed, 04 Oct 2023 10:20:03 GMT
last-modified
Fri, 22 Sep 2023 07:02:02 GMT
server-timing
intid;desc=9dd749db14e6d6ad
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
sameorigin SAMEORIGIN
x-xss-protection
1; mode=block
FahrplanbasierteBuchungsstrecke.cfd52958.js
www.bahn.de/web/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/FahrplanbasierteBuchungsstrecke.cfd52958.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c808d3e0df80fb2b93fbf9cadff5d71d45809e405b9b5d025db8306d43f70892
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-18c0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=4f7f614fe99b52d6, intid;desc=4f7f614fe99b52d6
accept-ranges
bytes
content-length
2450
x-xss-protection
1; mode=block
composables.6f1a841f.js
www.bahn.de/web/js/ 		517 B
736 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/composables.6f1a841f.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bba99ac68285b3f687364a1b5b3bc99f4b8cbb490a37119121e4134f02d1af60
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-205"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=43fdc2a3cede86ae, intid;desc=43fdc2a3cede86ae
accept-ranges
bytes
content-length
339
x-xss-protection
1; mode=block
AppHeader.efa5bcdd.js
www.bahn.de/web/js/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/AppHeader.efa5bcdd.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5fc86166a2961102f14b6402ca1d6599b574e461b40db81a7f04e268cea0c4d7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-6b42"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=9aa6a795d2d83f69, intid;desc=9aa6a795d2d83f69
accept-ranges
bytes
content-length
8813
x-xss-protection
1; mode=block
CmsHtmlManipulationService.3dfaaaa9.js
www.bahn.de/web/js/ 		606 B
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/CmsHtmlManipulationService.3dfaaaa9.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f549a47fb1eee8143875a3c6f0829ffcbf85a30326b0ba5cb4afd8941bd403a9
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 22 Sep 2023 13:55:20 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"650d9cc8-25e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=d630512fe2b5f175, intid;desc=d630512fe2b5f175
accept-ranges
bytes
content-length
296
x-xss-protection
1; mode=block
useStore.fbbb3f4a.js
www.bahn.de/web/js/ 		202 B
577 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/useStore.fbbb3f4a.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dd84668c02c3201081a1cf36ec44aaca88f34f2c0e52fd8329a728429bb52ce5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-ca"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=230e51c48d8ac48a, intid;desc=230e51c48d8ac48a
accept-ranges
bytes
content-length
181
x-xss-protection
1; mode=block
useStore.0bc0a4d7.js
www.bahn.de/web/js/ 		339 B
659 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/useStore.0bc0a4d7.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6905fbe6567cc7e3b6d4e4a3567d13e369670f76b2ed2527abe9eaa10411a7ea
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-153"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=d2b8ee41ded0795c, intid;desc=d2b8ee41ded0795c
accept-ranges
bytes
content-length
262
x-xss-protection
1; mode=block
DBWebHeader.92acafbf.js
www.bahn.de/web/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/DBWebHeader.92acafbf.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bde736b4bada61754839c795f25637ac9d6960e2ade8bff4fccd4d8a8c3d4ff6
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-1cd0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=46f9fceab3a1c084, intid;desc=46f9fceab3a1c084
accept-ranges
bytes
content-length
2916
x-xss-protection
1; mode=block
NameFormatter.615f880c.js
www.bahn.de/web/js/ 		696 B
819 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/NameFormatter.615f880c.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24d7f5fec875511332c4a6dcae3395fb4221c5af016d66da2249c72e18523ee6
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-2b8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=92375336ace18b7f, intid;desc=92375336ace18b7f
accept-ranges
bytes
content-length
420
x-xss-protection
1; mode=block
StartZiel.1b8d2fe7.js
www.bahn.de/web/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/StartZiel.1b8d2fe7.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
65041296d267f2b061f19cffd3a4b31a8efa7438518139b6cbdd53b279181e76
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-8a9"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=33db29f20ae5e2bd, intid;desc=33db29f20ae5e2bd
accept-ranges
bytes
content-length
925
x-xss-protection
1; mode=block
DateFormatter.40042107.js
www.bahn.de/web/js/ 		290 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/DateFormatter.40042107.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2721300b1fa3bfdda31246e323c9c7c4b6871e3edd7f90456fbbcf198fb3c652
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-122"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=5718c56c022e7fef, intid;desc=5718c56c022e7fef
accept-ranges
bytes
content-length
236
x-xss-protection
1; mode=block
useDBWebDialog.91d6086a.js
www.bahn.de/web/js/ 		351 B
667 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/useDBWebDialog.91d6086a.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
baec5bfaeb49f4898823ec8950d6b7214876002508377f433eecb9ecaf9458bc
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-15f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=6f08786abd938f48, intid;desc=6f08786abd938f48
accept-ranges
bytes
content-length
267
x-xss-protection
1; mode=block
useUserContext.912d939a.js
www.bahn.de/web/js/ 		487 B
695 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/useUserContext.912d939a.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d262926270f5c908bd26c2298dec651a068f2d7e30c30be5796931c293cd0bab
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-1e7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=677ac770f6e236e1, intid;desc=677ac770f6e236e1
accept-ranges
bytes
content-length
298
x-xss-protection
1; mode=block
useUserContextService.e01ba67f.js
www.bahn.de/web/js/ 		298 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/useUserContextService.e01ba67f.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
239352df70cbd0ff131357d0316e1ec812d24d052c5e8927541a79ee47c4aabf
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-12a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=268384be83b9fb94, intid;desc=268384be83b9fb94
accept-ranges
bytes
content-length
235
x-xss-protection
1; mode=block
DBWebWizard.b516c14c.js
www.bahn.de/web/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/DBWebWizard.b516c14c.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
aa9c949cfb413401701eeec004877adc65ea609c6d9a439c1362e8149de91bf1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-569"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=b470229f0e88a20e, intid;desc=b470229f0e88a20e
accept-ranges
bytes
content-length
761
x-xss-protection
1; mode=block
LoadingPage.09f9b551.js
www.bahn.de/web/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/LoadingPage.09f9b551.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4b4225891294200765b6084d4b56a242db3f6da6af4f40cf93884da8ccc2e2a2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-94a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=19c2a3bfde0b7091, intid;desc=19c2a3bfde0b7091
accept-ranges
bytes
content-length
1035
x-xss-protection
1; mode=block
LoadingIndicator.c27901e9.js
www.bahn.de/web/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/LoadingIndicator.c27901e9.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
828905ae96379d3941c4a94d8c81b642747f844256b6f42ea188841471853509
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-755"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=19571441bb21f625, intid;desc=19571441bb21f625
accept-ranges
bytes
content-length
850
x-xss-protection
1; mode=block
15cea51806f6838cfd97566078369c14b6ed0011a38979
www.bahn.de/static/ Frame 167D 		155 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/static/15cea51806f6838cfd97566078369c14b6ed0011a38979
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common/webresources/storage/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1475de151b27e77e4b3182b153ae4c1c9d2ffd424017868d53c0aabb9622eb59
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/.resources/bahn-common/webresources/storage/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 10:15:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
content-md5
BNYjQBLJvn4ahATVj5kgjw==
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-length
55828
x-xss-protection
1; mode=block
last-modified
Wed, 30 Aug 2023 12:32:13 GMT
etag
0x8DBA95523451DB6
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=600
x-frame-options
SAMEORIGIN
timing-allow-origin
*
expires
Wed, 04 Oct 2023 10:25:03 GMT
ReiseloesungListPage.bf186b25.js
www.bahn.de/web/js/ 		91 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/ReiseloesungListPage.bf186b25.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
55d17220b2f15079c0f65c4c2f80613a61b8c48fbf612772bc29eabcb7c758bd
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-16b93"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=c7654c96b9c9f00f, intid;desc=c7654c96b9c9f00f
accept-ranges
bytes
content-length
25739
x-xss-protection
1; mode=block
Reiseplan.3f6f79cb.js
www.bahn.de/web/js/ 		93 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/Reiseplan.3f6f79cb.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
558efa820aa451144b28e2adddecca35699e6b74214b48da6b7af124afaa437c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-174a8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=80442cf9f4b9adf5, intid;desc=80442cf9f4b9adf5
accept-ranges
bytes
content-length
23867
x-xss-protection
1; mode=block
DBWebTransitionDropdown.113920cc.js
www.bahn.de/web/js/ 		1 KB
900 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/DBWebTransitionDropdown.113920cc.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
16dcd5ac7c1c8c7c115651f4461f6bdc3b0b351664e8bc9102c7fef0a6dd5451
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-441"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=7623025bbb754ff0, intid;desc=7623025bbb754ff0
accept-ranges
bytes
content-length
501
x-xss-protection
1; mode=block
DBWebModalContainer.84eeea85.js
www.bahn.de/web/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/DBWebModalContainer.84eeea85.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9d63ac4829ff3321a91f13cdf3628548b9b76efd6ae3d59c719f085ef42449d1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-c9f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=5ea86b5f676242c4, intid;desc=5ea86b5f676242c4
accept-ranges
bytes
content-length
1401
x-xss-protection
1; mode=block
chunk-4RP2N3TY.4c682079.js
www.bahn.de/web/js/ 		600 B
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/chunk-4RP2N3TY.4c682079.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
917cce4212b8cc843ad8fcf79a93fd7efa69b75164a11f2d1c644ec958d41877
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-258"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=24042931777cf68a, intid;desc=24042931777cf68a
accept-ranges
bytes
content-length
363
x-xss-protection
1; mode=block
chunk-MEAK3HJF.f2193f7e.js
www.bahn.de/web/js/ 		151 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/chunk-MEAK3HJF.f2193f7e.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
aad41f4a1d38af1c73782a592b949530142afeef4eb29d08dbe193a9149f01c8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 22 Sep 2023 13:55:20 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"650d9cc8-97"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=db86c6adf7c698d6, intid;desc=db86c6adf7c698d6
accept-ranges
bytes
content-length
151
x-xss-protection
1; mode=block
chunk-L6OEYO7G.6a2b1bbe.js
www.bahn.de/web/js/ 		120 B
509 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/chunk-L6OEYO7G.6a2b1bbe.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ccc59f70c381eacd004feb05d22610a9dd2c64901a78ff5be124eaa2d6fa8fd5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 22 Sep 2023 13:55:20 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"650d9cc8-78"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=04fddc26a85c4fde, intid;desc=04fddc26a85c4fde
accept-ranges
bytes
content-length
113
x-xss-protection
1; mode=block
VerbindungsUtils.68bb5ab4.js
www.bahn.de/web/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/VerbindungsUtils.68bb5ab4.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
187d8a13fe4f84db10c183f0af0c5f9d21f0254db3dee86bd1e72d4e7ebd7d27
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-a6f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=e2e008cf6eb53f1b, intid;desc=e2e008cf6eb53f1b
accept-ranges
bytes
content-length
952
x-xss-protection
1; mode=block
chunk-XYWE3BZH.bbd9f18f.js
www.bahn.de/web/js/ 		196 B
579 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/chunk-XYWE3BZH.bbd9f18f.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b20784ecad9b2e27e3ba2ab12d15c2fb71fb3891e0c528d9d2606c9860be2e21
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-c4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=89dab822864511d9, intid;desc=89dab822864511d9
accept-ranges
bytes
content-length
181
x-xss-protection
1; mode=block
index.8a3721bf.js
www.bahn.de/web/js/ 		311 B
650 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/index.8a3721bf.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6fca88d849ea12d86338cd1bf9a2ece46e68e2d66afce82a6210e8ba1d4ab696
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-137"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=6910536a6d57324d, intid;desc=6910536a6d57324d
accept-ranges
bytes
content-length
251
x-xss-protection
1; mode=block
index.6c75b17f.js
www.bahn.de/web/js/ 		439 B
706 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/index.6c75b17f.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dedcec1c9afe54561581029ed575e4e4437fd325e5b5d96eccaf1298646d2d34
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-1b7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=e19d97dd76b21910, intid;desc=e19d97dd76b21910
accept-ranges
bytes
content-length
308
x-xss-protection
1; mode=block
chunk-YN2CRKM2.5023b7dc.js
www.bahn.de/web/js/ 		245 B
575 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/chunk-YN2CRKM2.5023b7dc.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ab44186bf3e4edb65aea6a6585721f2177951c4bb8f82c192bfd4d646aa533f0
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 22 Sep 2023 13:55:20 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"650d9cc8-f5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=17ecbbd308c3b338, intid;desc=17ecbbd308c3b338
accept-ranges
bytes
content-length
176
x-xss-protection
1; mode=block
ReisekettenService.3332c459.js
www.bahn.de/web/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/ReisekettenService.3332c459.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
de60e21ae4979e87b256fefc369c3e501f56fa649052c8fb670279955e0ee9b8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-81b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=ca6277db6eedc365, intid;desc=ca6277db6eedc365
accept-ranges
bytes
content-length
770
x-xss-protection
1; mode=block
DBWebSwitch.195af503.js
www.bahn.de/web/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/DBWebSwitch.195af503.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dd64301cb87d972860b5fbbaa935faa4529557bb67cac33139607cea05c446c4
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-17b6"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=7ffff985c721d949, intid;desc=7ffff985c721d949
accept-ranges
bytes
content-length
2200
x-xss-protection
1; mode=block
DBWebTooltip.39336213.js
www.bahn.de/web/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/DBWebTooltip.39336213.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
51da2ec7ffbfe52836d494e68e3e59100622f1dd1657c5ec4fd22375770d4485
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-516"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=9eb8036659997d3c, intid;desc=9eb8036659997d3c
accept-ranges
bytes
content-length
678
x-xss-protection
1; mode=block
DBWebIconWithLabel.ac03e6d8.js
www.bahn.de/web/js/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/DBWebIconWithLabel.ac03e6d8.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
81caf05a046c00f7e834736559851c7654b12b3be5571a11d28a4c713a6af8e7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-583c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=b951dcf059e6552e, intid;desc=b951dcf059e6552e
accept-ranges
bytes
content-length
8816
x-xss-protection
1; mode=block
purify.es.022f0ae2.js
www.bahn.de/web/js/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/purify.es.022f0ae2.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f74214164efcf94624af0d2007bea1dfad2888c135f24e0bde637c6ef662f184
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 22 Sep 2023 13:55:20 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"650d9cc8-52bb"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=ee26ca0020be77c3, intid;desc=ee26ca0020be77c3
accept-ranges
bytes
content-length
8389
x-xss-protection
1; mode=block
ProduktGattungIcon.c0908474.js
www.bahn.de/web/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/ProduktGattungIcon.c0908474.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
beb837536a0822c8ebd8764bf34e02d418a513d52cdfb55019236d4f3c42a2bb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-449b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=dd6ad0d3f306e440, intid;desc=dd6ad0d3f306e440
accept-ranges
bytes
content-length
5269
x-xss-protection
1; mode=block
CssAlignment.8aea2dbd.js
www.bahn.de/web/js/ 		155 B
555 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/CssAlignment.8aea2dbd.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5c251943057794c17e04c971af3d7457cad1bce25f7c50370c892ebb880a1438
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-9b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=45d5cb188e9729a2, intid;desc=45d5cb188e9729a2
accept-ranges
bytes
content-length
158
x-xss-protection
1; mode=block
VerbindungsHalt.1b7c8905.js
www.bahn.de/web/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/VerbindungsHalt.1b7c8905.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
75810130b2a289d1838d80a8c646abeb162351114590fb41914cc42add20cbb9
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-2baf"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=c445931a99e824d1, intid;desc=c445931a99e824d1
accept-ranges
bytes
content-length
3124
x-xss-protection
1; mode=block
ZeitAnzeige.ba8e457e.js
www.bahn.de/web/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/ZeitAnzeige.ba8e457e.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e9d661a880a56580bf1fa10e6371e2db766f738efd961a6d1c59486f88760f96
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-627"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=8064522c86b6b87b, intid;desc=8064522c86b6b87b
accept-ranges
bytes
content-length
769
x-xss-protection
1; mode=block
chunk-GOAMF7IW.fcc46839.js
www.bahn.de/web/js/ 		366 B
672 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/chunk-GOAMF7IW.fcc46839.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
594530ef4e77c02f16af017cba01b016a1c7c0cde7a9f5e167756c097aca4157
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-16e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=35677f2618e6698e, intid;desc=35677f2618e6698e
accept-ranges
bytes
content-length
273
x-xss-protection
1; mode=block
PriorisierteMeldung.4e5dae87.js
www.bahn.de/web/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/PriorisierteMeldung.4e5dae87.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6f19b8cbe1650a2ffd662d231bc00f982dd71a39df82a82f16939c72459c404d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-661"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=a38449679cf08ac8, intid;desc=a38449679cf08ac8
accept-ranges
bytes
content-length
837
x-xss-protection
1; mode=block
chunk-HT4FRHLQ.2e7bb16d.js
www.bahn.de/web/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/chunk-HT4FRHLQ.2e7bb16d.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8c99827c0c8c1d0ca2e43bacf5b8bca084c321b04e7585881e3514f44f13e7d7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-dd5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=b08b91c29aedea34, intid;desc=b08b91c29aedea34
accept-ranges
bytes
content-length
933
x-xss-protection
1; mode=block
duration.filter.66673a30.js
www.bahn.de/web/js/ 		1 KB
977 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/duration.filter.66673a30.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f0042be74d32a8c0757a5dff0cf24ec523e3d785f8681a06396cbfe518ae298d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-4ac"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=03daa243fe9f9766, intid;desc=03daa243fe9f9766
accept-ranges
bytes
content-length
578
x-xss-protection
1; mode=block
index.d11718eb.js
www.bahn.de/web/js/ 		322 B
629 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/index.d11718eb.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
17b9d3860d49cdeb550120a34cd5bf0ba380f847f2236df09bc020883c43908b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-142"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=ba3c1047abbb455f, intid;desc=ba3c1047abbb455f
accept-ranges
bytes
content-length
231
x-xss-protection
1; mode=block
ZugnummerLabel.9135f4c5.js
www.bahn.de/web/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/ZugnummerLabel.9135f4c5.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e40ffae175f4d5d43b53b15b61082c3d8a8e73e306b51880515f8e8c57584cdb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-5ca"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=ed8f3adcafc547f1, intid;desc=ed8f3adcafc547f1
accept-ranges
bytes
content-length
645
x-xss-protection
1; mode=block
DBWebDialogBody.a67313b5.js
www.bahn.de/web/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/DBWebDialogBody.a67313b5.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5c3b23942bb168eeef062de2202752cdae3fa399b0f25f89ec6116a12949cbc8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-6e3"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=fdec8c1e4086601c, intid;desc=fdec8c1e4086601c
accept-ranges
bytes
content-length
799
x-xss-protection
1; mode=block
DBWebTransitionScaleOut.a1d4f8fa.js
www.bahn.de/web/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/DBWebTransitionScaleOut.a1d4f8fa.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1461d324c8fa2c7337381467585a678dc5abd7a2e6b6c096af75fdecccfa480a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-51d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=7482da1bf4590d54, intid;desc=7482da1bf4590d54
accept-ranges
bytes
content-length
698
x-xss-protection
1; mode=block
DBWebExpansionToggle.2e0570ce.js
www.bahn.de/web/js/ 		1 KB
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/DBWebExpansionToggle.2e0570ce.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ea17603cea34074343426d45a1dd9b8731844ce0527f8bbee0deecb3debc641c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-42c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=fa6bd7c537a9bc0d, intid;desc=fa6bd7c537a9bc0d
accept-ranges
bytes
content-length
614
x-xss-protection
1; mode=block
AuslastungLangText.d64b7b81.js
www.bahn.de/web/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/AuslastungLangText.d64b7b81.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
194e997219405d69e03e4a7ed9507bfefd1990656aec0adcedf0258120f86fe9
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-1fb6"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=ce031ca7f90da406, intid;desc=ce031ca7f90da406
accept-ranges
bytes
content-length
2109
x-xss-protection
1; mode=block
_defineProperty.9440aedf.js
www.bahn.de/web/js/ 		155 B
552 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/_defineProperty.9440aedf.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
21f51430d0f6e556cb6620a1f2d694eee7c7fa53396a6e8c7821b0e536db8be4
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-9b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=1e005f3d9ad29f0a, intid;desc=1e005f3d9ad29f0a
accept-ranges
bytes
content-length
155
x-xss-protection
1; mode=block
_arrayMap.1e1f387a.js
www.bahn.de/web/js/ 		213 B
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/_arrayMap.1e1f387a.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
757fe485e5e3121166f2a1a2e41c203438fafda4b7bc7b15a168936dd849ef96
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 22 Sep 2023 13:55:20 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"650d9cc8-d5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=5cd074ca8cb7098d, intid;desc=5cd074ca8cb7098d
accept-ranges
bytes
content-length
195
x-xss-protection
1; mode=block
chunk-4V2PP5QB.62b8f31a.js
www.bahn.de/web/js/ 		128 B
513 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/chunk-4V2PP5QB.62b8f31a.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d74fc704ce0c29d3c6fb0846a4d236de99804ac60bda78c73419f440b1d6eced
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 22 Sep 2023 13:55:20 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"650d9cc8-80"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=fe5051fc3f821862, intid;desc=fe5051fc3f821862
accept-ranges
bytes
content-length
117
x-xss-protection
1; mode=block
AuslastungLegend.db5a002d.js
www.bahn.de/web/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/AuslastungLegend.db5a002d.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
319d47c3b42eccefd514ffdc703e84da536bfec15425febc42472687f97b6506
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-7fc"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=2745476c722c62eb, intid;desc=2745476c722c62eb
accept-ranges
bytes
content-length
936
x-xss-protection
1; mode=block
DBWebPageNavigationBar.b1da2dde.js
www.bahn.de/web/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/DBWebPageNavigationBar.b1da2dde.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3b7b557806e7d6c29f3398a4bed104c1216e29c8ee407a9d8af7167ce670a370
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-803"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=2e0b205bc9050ec7, intid;desc=2e0b205bc9050ec7
accept-ranges
bytes
content-length
920
x-xss-protection
1; mode=block
Legende.f9d5c59e.js
www.bahn.de/web/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/Legende.f9d5c59e.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
aa48a57f72443a140bf863ded37df4b4527be610e9956bb3630ce5866995879d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-a8a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=7490d63fb9146a1f, intid;desc=7490d63fb9146a1f
accept-ranges
bytes
content-length
1178
x-xss-protection
1; mode=block
safeHTMLDirective.9cca7abb.js
www.bahn.de/web/js/ 		407 B
698 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/safeHTMLDirective.9cca7abb.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
84062c3a358cb1d4037d35e6554e4adc308afeb290913029ac00432137d3a683
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 22 Sep 2023 13:55:20 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"650d9cc8-197"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=bcb8bbc4098d83d5, intid;desc=bcb8bbc4098d83d5
accept-ranges
bytes
content-length
300
x-xss-protection
1; mode=block
Footnote.7f9b743c.js
www.bahn.de/web/js/ 		563 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/Footnote.7f9b743c.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ae991e6c70e4155a46e6c26598ca6e89da14f1716248ef89a40fa3ec71492cd8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-233"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=ffd9b56e2f9c321d, intid;desc=ffd9b56e2f9c321d
accept-ranges
bytes
content-length
377
x-xss-protection
1; mode=block
QuickFinder.77470c0c.js
www.bahn.de/web/js/ 		78 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/QuickFinder.77470c0c.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
66aa0ac772835edd354e36cf1db4fa5849bb2932a9c5f2aeb2e9160ffbc08d34
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-13851"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=9711304f76069205, intid;desc=9711304f76069205
accept-ranges
bytes
content-length
20623
x-xss-protection
1; mode=block
ClickOutsideDirective.eff75482.js
www.bahn.de/web/js/ 		753 B
849 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/ClickOutsideDirective.eff75482.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
65f565612a6f3dcf726ae9c607d93bcbc83701d2e5ec044c091d2ad2373b3417
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 22 Sep 2023 13:55:20 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"650d9cc8-2f1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=dc9210a3d0b86f81, intid;desc=dc9210a3d0b86f81
accept-ranges
bytes
content-length
452
x-xss-protection
1; mode=block
chunk-HSXCYZMJ.50db296f.js
www.bahn.de/web/js/ 		37 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/chunk-HSXCYZMJ.50db296f.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
11c7ed4380ebbabe62575e5af5e31c1722ae7f8746b98361e68a6e559087bea1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-9244"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=5fc388c89328db1c, intid;desc=5fc388c89328db1c
accept-ranges
bytes
content-length
7235
x-xss-protection
1; mode=block
ReisendeFactory.1d2de670.js
www.bahn.de/web/js/ 		629 B
752 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/ReisendeFactory.1d2de670.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bda6d133efc36f9dfa73ea66f8fd59f0c2a2941b45c88caad206160746530021
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-275"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=77cdc296ad23bb8e, intid;desc=77cdc296ad23bb8e
accept-ranges
bytes
content-length
354
x-xss-protection
1; mode=block
DBWebAccordionGroup.90b35210.js
www.bahn.de/web/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/DBWebAccordionGroup.90b35210.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
38187cc72368fd743c66694227f362c4866ad30c8ddbc2889a77f8a810437376
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-32e8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=91e64711c1657a67, intid;desc=91e64711c1657a67
accept-ranges
bytes
content-length
4013
x-xss-protection
1; mode=block
AccordionType.3fd28e17.js
www.bahn.de/web/js/ 		105 B
493 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/AccordionType.3fd28e17.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3dda9bc2e37ec03f042f8963a7b18d71962c2e12ef4222602e58a092c78e1548
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 22 Sep 2023 13:55:20 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"650d9cc8-69"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=2a8d541e47bf38e0, intid;desc=2a8d541e47bf38e0
accept-ranges
bytes
content-length
97
x-xss-protection
1; mode=block
accordion_default.b7c1e899.js
www.bahn.de/web/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/accordion_default.b7c1e899.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6506e14536fa1c33275d6ce81de2560e727532f9e2850d7cc02c0da071ae3aa8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 22 Sep 2023 13:55:20 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"650d9cc8-c54"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=8431c031cfc64b39, intid;desc=8431c031cfc64b39
accept-ranges
bytes
content-length
1257
x-xss-protection
1; mode=block
ReisendeSummary.7e614be4.js
www.bahn.de/web/js/ 		46 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/ReisendeSummary.7e614be4.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
223a375148b6439861d606a03c716896983a0b1f3fa870cc65af7456fb27a171
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-b994"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=a8b483247232c4bb, intid;desc=a8b483247232c4bb
accept-ranges
bytes
content-length
13732
x-xss-protection
1; mode=block
_copyArray.d9ff06fc.js
www.bahn.de/web/js/ 		202 B
582 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/_copyArray.d9ff06fc.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
51c6d54f6b8c4ecf64f39e0c6ac7cfff4548769378fc7608737a810abf052bce
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 22 Sep 2023 13:55:20 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"650d9cc8-ca"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=647a7f06f2d6cc60, intid;desc=647a7f06f2d6cc60
accept-ranges
bytes
content-length
185
x-xss-protection
1; mode=block
ReisendentypFormatter.31950463.js
www.bahn.de/web/js/ 		1 KB
981 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/ReisendentypFormatter.31950463.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
11d3595be362feb84395ac6c570415036d9d2e249f6d619249a44383737a5495
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-4b0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=3fa71a1857b49522, intid;desc=3fa71a1857b49522
accept-ranges
bytes
content-length
583
x-xss-protection
1; mode=block
ErmaessigungsFormatter.4005eac4.js
www.bahn.de/web/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/ErmaessigungsFormatter.4005eac4.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
714963a172d2b3040fe0f0a926280226563912102f488c9f6a75da219025e269
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-991"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=41432468c5de4621, intid;desc=41432468c5de4621
accept-ranges
bytes
content-length
1011
x-xss-protection
1; mode=block
_baseUniq.3fbde192.js
www.bahn.de/web/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/_baseUniq.3fbde192.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dd86aaede930d85d59b08ed93136f03e8c7beb3ca2da1bec2beaf39592a2f163
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-506"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=e28b187ec4de6b4e, intid;desc=e28b187ec4de6b4e
accept-ranges
bytes
content-length
734
x-xss-protection
1; mode=block
chunk-42DJGQXK.5e623e74.js
www.bahn.de/web/js/ 		518 B
705 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/chunk-42DJGQXK.5e623e74.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
183d4292c5052f7f5ee787b4e3760bc12eaa90b9c62f10e1a48b65398e5e0183
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 22 Sep 2023 13:55:20 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"650d9cc8-206"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=b485e72dbbd2cb21, intid;desc=b485e72dbbd2cb21
accept-ranges
bytes
content-length
308
x-xss-protection
1; mode=block
DBWebCheckbox.d290ee0b.js
www.bahn.de/web/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/DBWebCheckbox.d290ee0b.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
29180f0ea8495613c444fede3c41eec3634593fd36de4599edd88d65c372b81e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-6a0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=b39c866df79b04e4, intid;desc=b39c866df79b04e4
accept-ranges
bytes
content-length
859
x-xss-protection
1; mode=block
images.a382d848.js
www.bahn.de/web/js/ 		780 B
869 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/images.a382d848.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
06decf7241e4092fff1ca556c5299e7cef11329c4a74003eb2350187b2a4a9a1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-30c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=f15704b79337c4b9, intid;desc=f15704b79337c4b9
accept-ranges
bytes
content-length
470
x-xss-protection
1; mode=block
DBWebHaltSearch.aa41ec4d.js
www.bahn.de/web/js/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/DBWebHaltSearch.aa41ec4d.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
36635ddf837dcbbc73664d603cdfa92e43f2eac3b8785db11ac62f42db88e6ef
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-6382"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=1e27980e5d98873b, intid;desc=1e27980e5d98873b
accept-ranges
bytes
content-length
8066
x-xss-protection
1; mode=block
debounce.92112f20.js
www.bahn.de/web/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/debounce.92112f20.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4837e2c4ef979d7ba7ede0dc47a03170748c98a7468c0c50b294a50ae090635e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-79a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=c44a75ec6a70f000, intid;desc=c44a75ec6a70f000
accept-ranges
bytes
content-length
1067
x-xss-protection
1; mode=block
isSymbol.9fb30201.js
www.bahn.de/web/js/ 		256 B
620 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/isSymbol.9fb30201.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
81d417cf727a918283b5a08140f170e4a8beb40c159d8180e56a34d9ce2a31f9
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-100"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=9780b3fb4d3421d0, intid;desc=9780b3fb4d3421d0
accept-ranges
bytes
content-length
222
x-xss-protection
1; mode=block
globalValidationErrorClass.849d4b12.js
www.bahn.de/web/js/ 		42 B
458 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/globalValidationErrorClass.849d4b12.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1d4bc379097e73bd0e8ebb81b310c4289e48d6abe704ffda98bde685266eba16
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 22 Sep 2023 13:55:20 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"650d9cc8-2a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=2c08d42c3d61c435, intid;desc=2c08d42c3d61c435
accept-ranges
bytes
content-length
62
x-xss-protection
1; mode=block
DBWebSelectList.f4618e9f.js
www.bahn.de/web/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/DBWebSelectList.f4618e9f.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
81a8aad17f97e3aeb19304fa99af4a35e9c03fe5cc2cc0faf3d929cb6b697e40
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-1e7e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=fb3b8f31c030845a, intid;desc=fb3b8f31c030845a
accept-ranges
bytes
content-length
2553
x-xss-protection
1; mode=block
InputTheme.a6e0a321.js
www.bahn.de/web/js/ 		84 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/InputTheme.a6e0a321.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b30865c1263054ab95ca1b1df1631d37d3bcfff74ca2620c2bfe6674a74f08
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 22 Sep 2023 13:55:20 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"650d9cc8-54"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=8181e65be89cb599, intid;desc=8181e65be89cb599
accept-ranges
bytes
content-length
97
x-xss-protection
1; mode=block
OrteService.1b051cbc.js
www.bahn.de/web/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/OrteService.1b051cbc.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ccd73f47f9e8ee1382c83621c2095c11bcaa47769437d3c4619f35a3a410a7b7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-9d5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=b1699f96a1b397b2, intid;desc=b1699f96a1b397b2
accept-ranges
bytes
content-length
1172
x-xss-protection
1; mode=block
ButtonOverlayBodyContainer.a85869a1.js
www.bahn.de/web/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/ButtonOverlayBodyContainer.a85869a1.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9a20e09c7025d3a3c7837b4696a302a96ecb989b612bb42a90d4f749d16d3b03
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-12c1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=a0d68bd4ccd3326f, intid;desc=a0d68bd4ccd3326f
accept-ranges
bytes
content-length
1747
x-xss-protection
1; mode=block
useZeitauswahl.fbe545aa.js
www.bahn.de/web/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/useZeitauswahl.fbe545aa.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
786fc5d841488f8b1d63bebec95cbdd2d6a085e1e1c71c96466306dd7f79afef
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-b44"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=58d117741c617c6c, intid;desc=58d117741c617c6c
accept-ranges
bytes
content-length
1319
x-xss-protection
1; mode=block
DateState.2df9d509.js
www.bahn.de/web/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/DateState.2df9d509.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ef2fe1a528fb601787f18ce068375e0f4948177bc8de825b3d264df87e162d8d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-b71"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=deefa2a6b47ca7f5, intid;desc=deefa2a6b47ca7f5
accept-ranges
bytes
content-length
989
x-xss-protection
1; mode=block
index.bd9a3cc4.js
www.bahn.de/web/js/ 		421 B
697 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/index.bd9a3cc4.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
82720808a0d0b63b358b592fb8463aa7a8944a938732a69ae5ee2f7a547cce7f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-1a5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=9729bf46055b0401, intid;desc=9729bf46055b0401
accept-ranges
bytes
content-length
298
x-xss-protection
1; mode=block
index.bbc04b9d.js
www.bahn.de/web/js/ 		608 B
802 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/index.bbc04b9d.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b99a6ee71c4729ed91de2cfe0d404a38d6b54913c97bffbb1b5daa1c8a1fd250
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-260"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=933025c180574146, intid;desc=933025c180574146
accept-ranges
bytes
content-length
405
x-xss-protection
1; mode=block
index.3cec0d4f.js
www.bahn.de/web/js/ 		278 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/index.3cec0d4f.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
90f72c218a88849a22298ede0920ab6218a7130e181c74236b24594bb9529685
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-116"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=45ee8d5aa266d1c3, intid;desc=45ee8d5aa266d1c3
accept-ranges
bytes
content-length
235
x-xss-protection
1; mode=block
chunk-WA6PVAEF.9ff7d13a.js
www.bahn.de/web/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/chunk-WA6PVAEF.9ff7d13a.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fd2641b3e26b06dbfe362649ba2f05c83db6d43fca192b78e3e13af6026ce734
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-555"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=67a2d57e69f35eb4, intid;desc=67a2d57e69f35eb4
accept-ranges
bytes
content-length
876
x-xss-protection
1; mode=block
DBWebSegmentedButton.d4d0967c.js
www.bahn.de/web/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/DBWebSegmentedButton.d4d0967c.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7d22916c9b244ee15b8cba4e8a4d92110387c0fb265e7f1f6550f63414f72642
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-89e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=4dbf0dae28430021, intid;desc=4dbf0dae28430021
accept-ranges
bytes
content-length
1095
x-xss-protection
1; mode=block
useReisendenTyp.4314157e.js
www.bahn.de/web/js/ 		318 B
662 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/useReisendenTyp.4314157e.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
43c2e9a8229cff85ed988727075e8d866d42bb0b77e67d0a058ce2a453d6296f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-13e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=859b15450fc76b2d, intid;desc=859b15450fc76b2d
accept-ranges
bytes
content-length
263
x-xss-protection
1; mode=block
index.6fd349a2.js
www.bahn.de/web/js/ 		243 B
610 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/index.6fd349a2.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0ef84223229489c2f9a1cb2fc1a26fe8c9b0d981632c2cc9fcb8be5257e40a27
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-f3"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=547c4738257759e2, intid;desc=547c4738257759e2
accept-ranges
bytes
content-length
212
x-xss-protection
1; mode=block
GKBadge.d13213b8.js
www.bahn.de/web/js/ 		727 B
836 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/GKBadge.d13213b8.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7e7d45fb258c7097824a7901ad5d2145f93e5b2b0b00f9d0c954c6b8561143d3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-2d7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=573cb6b0a5e5b7ac, intid;desc=573cb6b0a5e5b7ac
accept-ranges
bytes
content-length
438
x-xss-protection
1; mode=block
DBWebBadge.d8185ef8.js
www.bahn.de/web/js/ 		588 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/DBWebBadge.d8185ef8.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1afec06826da2e457c6b881cf767991ca7946fa2337ff0b596837b5a3b117c01
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-24c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=d402ad653cb68422, intid;desc=d402ad653cb68422
accept-ranges
bytes
content-length
406
x-xss-protection
1; mode=block
ReiseloesungHeading.c46111f1.js
www.bahn.de/web/js/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/ReiseloesungHeading.c46111f1.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a644b3be138686bf07850d9e42266425359c84d471b7612d64d2befb76ca5a88
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-62ca"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=74e184e2af7b07e7, intid;desc=74e184e2af7b07e7
accept-ranges
bytes
content-length
7533
x-xss-protection
1; mode=block
mapVerbindungToConnection.d3d68233.js
www.bahn.de/web/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/mapVerbindungToConnection.d3d68233.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8a0f0a3e7e773bd54dc4133f6b5abf6959fa3acb5b3399984712bb04ce190358
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-111c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=62a53b8bf190b0e7, intid;desc=62a53b8bf190b0e7
accept-ranges
bytes
content-length
1901
x-xss-protection
1; mode=block
DBWebVerbundLogo.4ef5379a.js
www.bahn.de/web/js/ 		390 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/DBWebVerbundLogo.4ef5379a.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
10fb4807524f4969129360dd7ace646f76c73099a46be9ff60b1fb0d950cf24a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-6199b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=74a6b30cb54e63a1, intid;desc=74a6b30cb54e63a1
accept-ranges
bytes
content-length
102506
x-xss-protection
1; mode=block
price.filter.64033717.js
www.bahn.de/web/js/ 		624 B
824 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/price.filter.64033717.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
46749f2e4be474dccef7a6ec8757ce1e36dca3e6f41e87544666eacdd28c7d90
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-270"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=a71bf07d0ee6a32d, intid;desc=a71bf07d0ee6a32d
accept-ranges
bytes
content-length
427
x-xss-protection
1; mode=block
FootnoteKey.d2e6ee61.js
www.bahn.de/web/js/ 		458 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/FootnoteKey.d2e6ee61.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
05c17aa399c3ca4f88d65eefda44ea1d72f6a9d8a4f2b0390b0ae69d0c8614fc
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-1ca"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=b43a8c1a3e92bc05, intid;desc=b43a8c1a3e92bc05
accept-ranges
bytes
content-length
246
x-xss-protection
1; mode=block
FootnoteReference.19a9266c.js
www.bahn.de/web/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/FootnoteReference.19a9266c.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f2809bf7c40bda397a5df9e5763fecc478a5047ec3b697a6a71dbdcc23df76cf
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-5ba"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=09aaaf4cf2696b1d, intid;desc=09aaaf4cf2696b1d
accept-ranges
bytes
content-length
700
x-xss-protection
1; mode=block
SchnellsteVerbindungenInfo.adf66472.js
www.bahn.de/web/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/SchnellsteVerbindungenInfo.adf66472.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f5ad07a2f02037fea93c89fc4ed2f608e722efd42051ed9bd1ac49d77c4e25e8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-4e8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=40fa485d36e602bc, intid;desc=40fa485d36e602bc
accept-ranges
bytes
content-length
681
x-xss-protection
1; mode=block
ErmaessigungsInfo.6b570086.js
www.bahn.de/web/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/ErmaessigungsInfo.6b570086.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f3ab2dc88dc30b95d4d7cb6ab88d3896bb1ec853fce20ccbc6aa47c90aa26363
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-1f7d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=c0b88c2c86c23958, intid;desc=c0b88c2c86c23958
accept-ranges
bytes
content-length
3112
x-xss-protection
1; mode=block
Reiseloesung_Error.4486f38c.js
www.bahn.de/web/js/ 		2 KB
960 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/Reiseloesung_Error.4486f38c.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f1e4c0642236f8df01b58ea1879aa65c366b7cef752f25c1442acec8109d3e61
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 22 Sep 2023 13:55:20 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"650d9cc8-705"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=47eafdfbf63f6b54, intid;desc=47eafdfbf63f6b54
accept-ranges
bytes
content-length
561
x-xss-protection
1; mode=block
Footnotes.ec64334b.js
www.bahn.de/web/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/Footnotes.ec64334b.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3517fa5b3bafa39f2875d2637468f4eb4bb41e3a646a52ca8a5d50d77ce73126
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-77e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=9994b8c70ebb9d8a, intid;desc=9994b8c70ebb9d8a
accept-ranges
bytes
content-length
733
x-xss-protection
1; mode=block
ReiseloesungSucheStateBuilder.c3dc2001.js
www.bahn.de/web/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/ReiseloesungSucheStateBuilder.c3dc2001.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c23831f64c67ec7a54f79c5e6680e08ed7686c10897edc30824fbd5c924ebc7b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-2552"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=79375b6735df9bf2, intid;desc=79375b6735df9bf2
accept-ranges
bytes
content-length
3348
x-xss-protection
1; mode=block
chunk-GFNPMEUK.2a2e34f4.js
www.bahn.de/web/js/ 		186 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/chunk-GFNPMEUK.2a2e34f4.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
583e810f0ad4539a46f0b11865afbcf6aa05424501c29722992d7e5b81272c80
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-ba"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=d4d4aca868101120, intid;desc=d4d4aca868101120
accept-ranges
bytes
content-length
173
x-xss-protection
1; mode=block
selectedConnectionInfoEvent.e498ae78.js
www.bahn.de/web/js/ 		624 B
736 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/selectedConnectionInfoEvent.e498ae78.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
38e19e67e98beaa8a271568a57f8aa723d8845e936fcbf79dd661531c9085b8e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-270"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=3d88cb3980c656d2, intid;desc=3d88cb3980c656d2
accept-ranges
bytes
content-length
337
x-xss-protection
1; mode=block
chunk-I6YKOBKK.87e2e0a1.js
www.bahn.de/web/js/ 		134 B
513 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/chunk-I6YKOBKK.87e2e0a1.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a26b30c21448738e83671123715b8f6ee678191201b85313c00e28d80539136f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 22 Sep 2023 13:55:20 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"650d9cc8-86"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=4c57980c3df51faa, intid;desc=4c57980c3df51faa
accept-ranges
bytes
content-length
117
x-xss-protection
1; mode=block
injectOrThrow.07963311.js
www.bahn.de/web/js/ 		315 B
649 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/injectOrThrow.07963311.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a8a52e3275a0a2494eee8d1cd471335ad7bb2c0e19546cbf33bfd0c8d1718756
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-13b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=b9c582ec8feaf8f8, intid;desc=b9c582ec8feaf8f8
accept-ranges
bytes
content-length
252
x-xss-protection
1; mode=block
isRequestRelatedError.904d35d3.js
www.bahn.de/web/js/ 		334 B
653 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/isRequestRelatedError.904d35d3.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
33870b6552293c896f9849dee6d8586bb6d16c45b720fb30fffdffd5903e647b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-14e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=b9e5da8acc24577d, intid;desc=b9e5da8acc24577d
accept-ranges
bytes
content-length
256
x-xss-protection
1; mode=block
BuchungsstreckeHeading.0982853d.js
www.bahn.de/web/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/BuchungsstreckeHeading.0982853d.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8ce6800ada968e98aaa68c8d54c63bd65356bc3f5eac6aa9660091a75d9960e6
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-5ed"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=a34cefef87e621ee, intid;desc=a34cefef87e621ee
accept-ranges
bytes
content-length
669
x-xss-protection
1; mode=block
useVerbindungWithAngeboteLoader.eccdd0a6.js
www.bahn.de/web/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/useVerbindungWithAngeboteLoader.eccdd0a6.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
536545a6b7cace7310b729b7f88c764f4e42885161b7bfbfabed83e823fcf6f7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-1d4d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=17697d967a6827a6, intid;desc=17697d967a6827a6
accept-ranges
bytes
content-length
2576
x-xss-protection
1; mode=block
chunk-WPCWSUAG.722ba24e.js
www.bahn.de/web/js/ 		78 B
490 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/chunk-WPCWSUAG.722ba24e.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
60f7195703ff2564522ea0580afeddf7462ed3700bbf2b3e1c35f72451f2135f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 22 Sep 2023 13:55:20 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"650d9cc8-4e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=65e16fdb7faa876f, intid;desc=65e16fdb7faa876f
accept-ranges
bytes
content-length
92
x-xss-protection
1; mode=block
IsInt.60887ac7.js
www.bahn.de/web/js/ 		409 B
684 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/IsInt.60887ac7.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec8f24c2f556a43bf312b0c75edea6a3a0e258c35b0cc7102ad86588bfb56218
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-199"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=a2030f3765a86949, intid;desc=a2030f3765a86949
accept-ranges
bytes
content-length
284
x-xss-protection
1; mode=block
Min.2d643e92.js
www.bahn.de/web/js/ 		803 B
764 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/Min.2d643e92.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
acaea83088ce7e7c349c7b325a95bc28a75916c6904846faba3ff305d4b135be
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-323"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=3116642a54eca27f, intid;desc=3116642a54eca27f
accept-ranges
bytes
content-length
366
x-xss-protection
1; mode=block
useBahnBonusService.42aae9d6.js
www.bahn.de/web/js/ 		315 B
637 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/useBahnBonusService.42aae9d6.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
86f4343495388eb8b0e0f3dd531cba4502a265e0990cee6b9fc64075cb88ebe6
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-13b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=00359225515f96bc, intid;desc=00359225515f96bc
accept-ranges
bytes
content-length
240
x-xss-protection
1; mode=block
DBWebButtonGroup.be001882.js
www.bahn.de/web/js/ 		635 B
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/DBWebButtonGroup.be001882.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d5b1f1ccffd6a728c46be37d8bd1b8a95086ac61c719c986a7fac88b984bc84a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-27b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=d5a08e1202606b46, intid;desc=d5a08e1202606b46
accept-ranges
bytes
content-length
415
x-xss-protection
1; mode=block
DBWebAccordionClassic.41b63b4e.js
www.bahn.de/web/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/DBWebAccordionClassic.41b63b4e.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f944fa08a6a2838c071b73270eabf837ce07e8591bd3beedc7ed873fd7eaf582
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-e14"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=bd37daefd79b2285, intid;desc=bd37daefd79b2285
accept-ranges
bytes
content-length
1421
x-xss-protection
1; mode=block
DBWebTextInput.6ba352e2.js
www.bahn.de/web/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/DBWebTextInput.6ba352e2.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f09b73164f7453caf252ae657c4af1b4a5e8d136a0f02e6f7e35be2f5787c485
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-1b38"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=d3cf3707c95faf06, intid;desc=d3cf3707c95faf06
accept-ranges
bytes
content-length
2636
x-xss-protection
1; mode=block
Purchase_Fail.8a8b43cb.js
www.bahn.de/web/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/Purchase_Fail.8a8b43cb.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c464103336e41cc2e5c54bd751d89acc07ec0acd2c400bf9ead08e55d73b7e16
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 22 Sep 2023 13:55:20 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"650d9cc8-b57"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=df0487c89a18869f, intid;desc=df0487c89a18869f
accept-ranges
bytes
content-length
787
x-xss-protection
1; mode=block
MaintenanceModeService.025cf02c.js
www.bahn.de/web/js/ 		575 B
742 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/js/MaintenanceModeService.025cf02c.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0514123ecece0d3e8a2533965e3a448683646979ec77eca18aeddfc10720c360
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src 'none'; font-src data:; img-src data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Oct 2023 10:15:03 GMT
last-modified
Fri, 29 Sep 2023 10:48:19 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
"6516ab73-23f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
server-timing
intid;desc=84def886a981f21c, intid;desc=84def886a981f21c
accept-ranges
bytes
content-length
344
x-xss-protection
1; mode=block
truncated
/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
480b0f548b1670735deb454fd68ac902164a17b711d8c564035e281a35c3eedb

Request headers

Referer
Origin
https://www.bahn.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
font/woff
65319_1825202461.js
p11.techlab-cdn.com/e/ Frame 167D 		54 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p11.techlab-cdn.com/e/65319_1825202461.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/static/15cea51806f6838cfd97566078369c14b6ed0011a38979
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a28e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ad80a3f6b1b1b869088b872381b3179a21dccc4e465ec0a00c92824f6462c258

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 10:15:03 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 14:24:26 GMT
content-md5
TBz6CQ/Qf16sF8+q5U3Ixg==
etag
"0x8DA7C6E5C88AF92"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
max-age=600
accept-ranges
bytes
timing-allow-origin
*
content-length
18223
expires
Wed, 04 Oct 2023 10:25:03 GMT
65257_1825232097.js
p11.techlab-cdn.com/e/ Frame 167D 		14 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p11.techlab-cdn.com/e/65257_1825232097.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/static/15cea51806f6838cfd97566078369c14b6ed0011a38979
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a28e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
74a7a53097f5335e794968f4f7c27d089701fd635c8698c5f5fda7f30356cacb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 10:15:03 GMT
content-encoding
gzip
last-modified
Thu, 01 Dec 2022 12:38:55 GMT
content-md5
7rdGFe+/Y2zHt4sXxqkzxw==
etag
0x8DAD39902829531
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=600
timing-allow-origin
*
content-length
6061
expires
Wed, 04 Oct 2023 10:25:03 GMT
64885_1825202523.js
p11.techlab-cdn.com/e/ Frame 167D 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p11.techlab-cdn.com/e/64885_1825202523.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/static/15cea51806f6838cfd97566078369c14b6ed0011a38979
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a28e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
422aa4e7ba5ff626a830dbbee358cb5055122a03b5c36b5f7608e1b34999e529

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 10:15:03 GMT
content-encoding
gzip
last-modified
Sun, 24 Apr 2022 12:00:07 GMT
content-md5
DnvBZTKTbXGPNtxH2P6zMg==
etag
"0x8DA25E9F9A41165"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
max-age=600
accept-ranges
bytes
timing-allow-origin
*
content-length
1470
expires
Wed, 04 Oct 2023 10:25:03 GMT
65226_1825232128.js
p11.techlab-cdn.com/e/ Frame 167D 		70 KB
33 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p11.techlab-cdn.com/e/65226_1825232128.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/static/15cea51806f6838cfd97566078369c14b6ed0011a38979
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a28e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
02433a62f3bc96003e78509ec45872fe3330c330204fa77415039f40a043224b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 10:15:03 GMT
content-encoding
gzip
last-modified
Thu, 06 Jul 2023 07:07:50 GMT
content-md5
sYBscgCVtSaJQGvZdsVDxw==
etag
0x8DB7DEFB5BB50C7
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=600
timing-allow-origin
*
content-length
32997
expires
Wed, 04 Oct 2023 10:25:03 GMT
id
www.bahn.de/st/ 		48 B
737 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/st/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=5FA50A5953FB37E50A4C98BC%40AdobeOrg&mid=39230534508404657102183141582435208372&ts=1696414503295
Requested by
Host: cms.static-bahn.de
URL: https://cms.static-bahn.de/tms/next-main/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
jag /
Resource Hash
0e9afd7b4d009d7da001a550a89a2bf597329e1b191695ee9733fd3ce33f58f9
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/buchung/fahrplan/suche
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 04 Oct 2023 10:15:03 GMT
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
server
jag
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
application/x-javascript;charset=utf-8
cache-control
private, no-cache, no-store, no-transform
content-length
48
x-xss-protection
1; mode=block
expires
Wed, 04 Oct 2023 10:15:03 GMT
truncated
/ 		926 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
706ec89bddee8ae8c38eb1843d067485fe8ab19a2706f54fa358ba08f8690ee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
fahrplan
www.bahn.de/web/api/angebote/ 		44 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/web/api/angebote/fahrplan
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/web/js/common.64478605.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8574a398dc144fa9892182a3ac583b7fb5bb9331b1fbe95afec0fa9677535769
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
application/json
x-correlation-id
657c5002-b33a-4fc6-98e6-0b666b0a94fe_b3abe2f7-a6b4-402c-a814-5b8972bca811
Referer
https://www.bahn.de/buchung/fahrplan/suche
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
content-type
application/json; charset=UTF-8

Response headers

date
Wed, 04 Oct 2023 10:15:03 GMT
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
etag
W/"2c-Qa3SXc7siV6xBORscj27NECZBck"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-store, max-age=0
server-timing
intid;desc=f85dbca90c16e65c, intid;desc=f85dbca90c16e65c
content-length
44
x-xss-protection
1; mode=block
utag.1.js
cms.static-bahn.de/tms/next-main/ 		66 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cms.static-bahn.de/tms/next-main/utag.1.js?utv=ut4.49.202308301337
Requested by
Host: cms.static-bahn.de
URL: https://cms.static-bahn.de/tms/next-main/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:5800:c:198:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad04f5a9e95f9406287389b0fc9662e7136aa4738c076e59a429b0c816290688

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
zBnjn4i6DC4UKs2EDyLpCQ45TQpSALuU
content-encoding
gzip
via
1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
date
Tue, 03 Oct 2023 14:45:57 GMT
last-modified
Thu, 28 Sep 2023 14:45:41 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P1
age
70147
x-amz-server-side-encryption
AES256
etag
W/"7e66dbbafc64bcd8f2951e645ef79bd5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
NwYrP2LGMAtoFJgTTWYpYETIrCq0aDz4p5zGyZ9kANM7KQQtxzvAOQ==
s5263240865777
www.bahn.de/st/b/ss/dbbahnprod/1/JS-2.23.0/ 		43 B
792 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bahn.de/st/b/ss/dbbahnprod/1/JS-2.23.0/s5263240865777?AQB=1&ndh=1&pf=1&t=4%2F9%2F2023%2012%3A15%3A3%203%20-120&sdid=727304E1F4DB38F4-3498D934713C576C&mid=39230534508404657102183141582435208372&ce=UTF-8&ns=deutschebahn&cdp=2&pageName=bahn-de_KeineReiseloesungen&g=https%3A%2F%2Fwww.bahn.de%2Fbuchung%2Ffahrplan%2Fsuche%23sts%3Dtrue%26so%3Dberlin%26zo%3Dfreiburg%28breisgau%29%2520hbf%26kl%3D2%26r%3D13%3A16%3Aklassenlos%3A1%26soid%3Da%253d1%2540o%253dberlin%2540x%253d13386988%2540y%253d52520501%2540u%253d80%2540l%253d8096003%2540b%253d1%2540p%253d1695931429%2540%26zoid%3Da%253d1%2540o%253dfreiburg%28breisgau&cc=EUR&ch=Suchen&events=event402%3D1&c3=Anonym&v3=Anonym&c24=bahn-de_KeineReiseloesungen&v24=bahn-de_KeineReiseloesungen&c54=2&v54=2&c57=EF&v57=EF&c58=1%3EERWACHSENER&v58=1%3EERWACHSENER&c59=6&v59=6&c60=2023-10-10&v60=2023-10-10&c69=Logout&v69=Logout&c75=https%3A%2F%2Fwww.bahn.de%2Fbuchung%2Ffahrplan%2Fsuche&v75=https%3A%2F%2Fwww.bahn.de%2Fbuchung%2Ffahrplan%2Fsuche&v110=bahn-de&v111=www.bahn.de&v112=KeineReiseloesungen&v113=Suchen&v115=https%3A%2F%2Fwww.bahn.de%2Fbuchung%2Ffahrplan%2Fsuche&v117=de&v118=Landscape&v119=Desktop&v121=Logout&v122=Anonym&v123=PK&v126=false&v143=2&v144=EF&v146=144&v147=6&v148=2023-10-10&v151=false&v153=alle&v154=false&v156=true&v173=k.E._0&v176=1ERWACHSENER&v177=1&v186=view%3Eut4.49.202308301337&v187=prd--default&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=%29%2520hbf%2540x%253d7841174%2540y%253d47997696%2540u%253d80%2540l%253d8000107%2540b%253d1%2540p%253d1695931429%2540%26hd%3D2023-10-10t12%3A14%3A33%26hza%3Dd%26ar%3Dfalse%26s%3Dtrue%26d%3Dfalse%26hz%3D%255b%255d%26fm%3Dfalse%26bp%3Dfalse&mcorgid=5FA50A5953FB37E50A4C98BC%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-145.deploy.static.akamaitechnologies.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bahn.de/buchung/fahrplan/suche
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 10:15:03 GMT
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 05 Oct 2023 10:15:03 GMT
server
jag
etag
3643022406568345600-4617958674312607850
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, no-transform
expires
Wed, 04 Oct 2023 10:15:03 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| bahn string| WEB_UI_BASE_URL string| WEB_GK_UI_PATH string| WEB_CMS_BASE_URL object| skyframe object| consentLayer object| utag_data object| tmsTagConfig object| classValidatorMetadataStorage object| authentication object| webpack_common_light function| clearImmediate function| setImmediate string| view object| digitalData string| gFSUGGEST number| gFSuggestInstanceCounter object| gFSuggestInstances string| FSuggestVersion string| FSuggestLastMod object| FSuggestFilter function| FSuggest function| reinitializeFSuggest function| checkForMatches object| SLs function| checkHWAIUsage boolean| bodySelect object| topCities boolean| utag_condload function| isInIframe object| utag function| loadLibrary boolean| __tealium_twc_switch object| utag_cfg_ovrd function| DataLayerHelper object| teal object| helper object| webpack_consent-layer string| lastBuiltCorrelationId boolean| routerLoading object| adobe function| Visitor object| s_c_il number| s_c_in string| globalAccount object| s function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| optimizely object| s_i_dbbahnprod

12 Cookies

Domain/Path Name / Value
accounts.bahn.de/auth/realms/db/ Name: AUTH_SESSION_ID
Value: 2cbe4bc0-6733-44ad-b191-e3966ebc9afb.rh-sso-7b97bb957c-lfvvq
accounts.bahn.de/auth/realms/db/ Name: AUTH_SESSION_ID_LEGACY
Value: 2cbe4bc0-6733-44ad-b191-e3966ebc9afb.rh-sso-7b97bb957c-lfvvq
accounts.bahn.de/auth/realms/db/ Name: TS0135fa4a
Value: 0144e11a91007105112df62547e4e7671e5d239c30873e3dd934bf0c1f6ae018eca8f19fa3725fe373b7eb56b2806f65b3b90fab3765ce7d26a298ffa90f05a11b27ecb651ae2bd267311fd6e5a4d67cb033dd84388560eee57d3fb30e0c43309d4b7a5bae
.bahn.de/ Name: request_consent_v
Value: 3
.accounts.bahn.de/ Name: TS016c400a
Value: 0144e11a91115381e648919d82aadc43ff58b5b7e1873e3dd934bf0c1f6ae018eca8f19fa3fe6a1b2bcc9ffa5d471463d12a3d76d4
accounts.bahn.de/ Name: TS51bc32fa027
Value: 0850f34bcdab2000b6333a29406455a11ca985ff5ef453f68448d6cb6ba1432ff5fd89f5a0e0b37f089e0f0f96113000c2cd649368e2c643667b5322dcd336e00ef5dd83514526350708b393d30ba2b22fb239c83e535d46a547d6546d54a03b
www.bahn.de/ Name: TS01309da6
Value: 0144e11a91f287fff82853ce61125bcafbeae6ec40b075b7531d52cd3f1e9edc6cb934643e687f7fd225c1a41df2cacf02cd780124
.bahn.de/ Name: s_ecid
Value: MCMID%7C39230534508404657102183141582435208372
.bahn.de/ Name: AMCVS_5FA50A5953FB37E50A4C98BC%40AdobeOrg
Value: 1
.bahn.de/ Name: AMCV_5FA50A5953FB37E50A4C98BC%40AdobeOrg
Value: 179643557%7CMCIDTS%7C19635%7CMCMID%7C39230534508404657102183141582435208372%7CMCAID%7CNONE%7CMCOPTOUT-1696421703s%7CNONE%7CvVersion%7C5.5.0
.bahn.de/ Name: utag_main
Value: v_id:018afa2f0f0500110220453fe70a0307401a706c00b08$_sn:1$_se:2$_ss:0$_st:1696416303582$ses_id:1696414502662%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:bahn.de
.bahn.de/ Name: s_cc
Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.bahn.de
assets.static-bahn.de
cms.static-bahn.de
p11.techlab-cdn.com
www.bahn.de
23.35.228.145
2600:9000:224a:5800:c:198:5740:93a1
2a02:26f0:3500:18::1724:a28e
2a02:26f0:7100::5f64:87a1
81.200.195.195
00521230e8053624727f59a5e5bfebb162b1e43a102925c1b97661d2d5ead7b3
02433a62f3bc96003e78509ec45872fe3330c330204fa77415039f40a043224b
0514123ecece0d3e8a2533965e3a448683646979ec77eca18aeddfc10720c360
0596aabb5219b7cb11cfc50ba512faafc377c9e2713b95874087330706945962
05c17aa399c3ca4f88d65eefda44ea1d72f6a9d8a4f2b0390b0ae69d0c8614fc
06decf7241e4092fff1ca556c5299e7cef11329c4a74003eb2350187b2a4a9a1
0916d403cbeb57dc9a31a9bba0a091e4ed46dd869a713b7cd8a4fb73d9d4f0a0
0e9afd7b4d009d7da001a550a89a2bf597329e1b191695ee9733fd3ce33f58f9
0ef84223229489c2f9a1cb2fc1a26fe8c9b0d981632c2cc9fcb8be5257e40a27
10fb4807524f4969129360dd7ace646f76c73099a46be9ff60b1fb0d950cf24a
11c7ed4380ebbabe62575e5af5e31c1722ae7f8746b98361e68a6e559087bea1
11d3595be362feb84395ac6c570415036d9d2e249f6d619249a44383737a5495
139cddf8500d9ce3ae43f24f3c589680f8ea9a032a19a8531b02176dd0b0a4ad
1461d324c8fa2c7337381467585a678dc5abd7a2e6b6c096af75fdecccfa480a
1475de151b27e77e4b3182b153ae4c1c9d2ffd424017868d53c0aabb9622eb59
14a32a2d64b2e8f30e4e67a7c1cad7cc0094a2de13fafc2ad0ae470cb8a54f4c
16dcd5ac7c1c8c7c115651f4461f6bdc3b0b351664e8bc9102c7fef0a6dd5451
17b9d3860d49cdeb550120a34cd5bf0ba380f847f2236df09bc020883c43908b
183d4292c5052f7f5ee787b4e3760bc12eaa90b9c62f10e1a48b65398e5e0183
187d8a13fe4f84db10c183f0af0c5f9d21f0254db3dee86bd1e72d4e7ebd7d27
194e997219405d69e03e4a7ed9507bfefd1990656aec0adcedf0258120f86fe9
1a7f4dbf1b57526c745b8370c5c3cb4562f4cf4fb07fd058b8a0fcf302b2b5cb
1afec06826da2e457c6b881cf767991ca7946fa2337ff0b596837b5a3b117c01
1d4bc379097e73bd0e8ebb81b310c4289e48d6abe704ffda98bde685266eba16
21f51430d0f6e556cb6620a1f2d694eee7c7fa53396a6e8c7821b0e536db8be4
223a375148b6439861d606a03c716896983a0b1f3fa870cc65af7456fb27a171
239352df70cbd0ff131357d0316e1ec812d24d052c5e8927541a79ee47c4aabf
24d7f5fec875511332c4a6dcae3395fb4221c5af016d66da2249c72e18523ee6
2721300b1fa3bfdda31246e323c9c7c4b6871e3edd7f90456fbbcf198fb3c652
29180f0ea8495613c444fede3c41eec3634593fd36de4599edd88d65c372b81e
2b4a1c582d29ea291030c4e91f42af2d02bca9af088e02b9342ede8fa33d9ee9
319d47c3b42eccefd514ffdc703e84da536bfec15425febc42472687f97b6506
323bf5ff1cabaa721d479f66665936c138ecccbc492dc1a9170cc50c38ee8c00
33870b6552293c896f9849dee6d8586bb6d16c45b720fb30fffdffd5903e647b
3517fa5b3bafa39f2875d2637468f4eb4bb41e3a646a52ca8a5d50d77ce73126
36635ddf837dcbbc73664d603cdfa92e43f2eac3b8785db11ac62f42db88e6ef
37b30865c1263054ab95ca1b1df1631d37d3bcfff74ca2620c2bfe6674a74f08
38187cc72368fd743c66694227f362c4866ad30c8ddbc2889a77f8a810437376
38e19e67e98beaa8a271568a57f8aa723d8845e936fcbf79dd661531c9085b8e
3b181c8243f38def2dec1bce7507f716f40a8257cd668dc47e20e6baa4753190
3b7b557806e7d6c29f3398a4bed104c1216e29c8ee407a9d8af7167ce670a370
3dda9bc2e37ec03f042f8963a7b18d71962c2e12ef4222602e58a092c78e1548
41f6cfa39b171ab33269b67f1dc29443b2ec799ea2497e727eadf525173de0e8
422aa4e7ba5ff626a830dbbee358cb5055122a03b5c36b5f7608e1b34999e529
428615e7a7cea3bf84038bf8cd8fc3dffb0814b6f29e4cc9090800043dd9c1af
43c2e9a8229cff85ed988727075e8d866d42bb0b77e67d0a058ce2a453d6296f
46749f2e4be474dccef7a6ec8757ce1e36dca3e6f41e87544666eacdd28c7d90
480b0f548b1670735deb454fd68ac902164a17b711d8c564035e281a35c3eedb
4837e2c4ef979d7ba7ede0dc47a03170748c98a7468c0c50b294a50ae090635e
4a99e4fd02590f62df0fad869eb24cd14358e36433bc6c891c2dd07a11b33dd5
4b4225891294200765b6084d4b56a242db3f6da6af4f40cf93884da8ccc2e2a2
4c9951d2e91bf613d354f4d2f20d69df0ae3bcfffcef1b5abded73f584a10730
51c6d54f6b8c4ecf64f39e0c6ac7cfff4548769378fc7608737a810abf052bce
51da2ec7ffbfe52836d494e68e3e59100622f1dd1657c5ec4fd22375770d4485
536545a6b7cace7310b729b7f88c764f4e42885161b7bfbfabed83e823fcf6f7
558efa820aa451144b28e2adddecca35699e6b74214b48da6b7af124afaa437c
55d17220b2f15079c0f65c4c2f80613a61b8c48fbf612772bc29eabcb7c758bd
583e810f0ad4539a46f0b11865afbcf6aa05424501c29722992d7e5b81272c80
594530ef4e77c02f16af017cba01b016a1c7c0cde7a9f5e167756c097aca4157
5c251943057794c17e04c971af3d7457cad1bce25f7c50370c892ebb880a1438
5c3b23942bb168eeef062de2202752cdae3fa399b0f25f89ec6116a12949cbc8
5d7f7c81dcf84f3c857053816c76333720a88fadcc1f9139ae45d447e0bcb1f8
5fc86166a2961102f14b6402ca1d6599b574e461b40db81a7f04e268cea0c4d7
60f7195703ff2564522ea0580afeddf7462ed3700bbf2b3e1c35f72451f2135f
65041296d267f2b061f19cffd3a4b31a8efa7438518139b6cbdd53b279181e76
6506e14536fa1c33275d6ce81de2560e727532f9e2850d7cc02c0da071ae3aa8
6565f827b8c4678937e4e26f98779af77304e1d87f3e81ebbafcc51b34cf7f9c
65f565612a6f3dcf726ae9c607d93bcbc83701d2e5ec044c091d2ad2373b3417
66aa0ac772835edd354e36cf1db4fa5849bb2932a9c5f2aeb2e9160ffbc08d34
6905fbe6567cc7e3b6d4e4a3567d13e369670f76b2ed2527abe9eaa10411a7ea
6f19b8cbe1650a2ffd662d231bc00f982dd71a39df82a82f16939c72459c404d
6fca88d849ea12d86338cd1bf9a2ece46e68e2d66afce82a6210e8ba1d4ab696
70074d8ac8ccdc7215df39c8214462358c5d4c2792c0e9392a15936df938c54a
706ec89bddee8ae8c38eb1843d067485fe8ab19a2706f54fa358ba08f8690ee3
714963a172d2b3040fe0f0a926280226563912102f488c9f6a75da219025e269
74a7a53097f5335e794968f4f7c27d089701fd635c8698c5f5fda7f30356cacb
757fe485e5e3121166f2a1a2e41c203438fafda4b7bc7b15a168936dd849ef96
75810130b2a289d1838d80a8c646abeb162351114590fb41914cc42add20cbb9
786fc5d841488f8b1d63bebec95cbdd2d6a085e1e1c71c96466306dd7f79afef
7d22916c9b244ee15b8cba4e8a4d92110387c0fb265e7f1f6550f63414f72642
7e7d45fb258c7097824a7901ad5d2145f93e5b2b0b00f9d0c954c6b8561143d3
81a8aad17f97e3aeb19304fa99af4a35e9c03fe5cc2cc0faf3d929cb6b697e40
81caf05a046c00f7e834736559851c7654b12b3be5571a11d28a4c713a6af8e7
81d417cf727a918283b5a08140f170e4a8beb40c159d8180e56a34d9ce2a31f9
82183de0e8606d94a01ce8ed116ca5f7d99160c489d8040062ca37de9202beff
82720808a0d0b63b358b592fb8463aa7a8944a938732a69ae5ee2f7a547cce7f
828905ae96379d3941c4a94d8c81b642747f844256b6f42ea188841471853509
84062c3a358cb1d4037d35e6554e4adc308afeb290913029ac00432137d3a683
8574a398dc144fa9892182a3ac583b7fb5bb9331b1fbe95afec0fa9677535769
86f4343495388eb8b0e0f3dd531cba4502a265e0990cee6b9fc64075cb88ebe6
881a1d7d872eaccf6fe4aeeb45d1d9ddc447f1920c5f39042d8f9b7f2e0e9e1b
89a9d1299ed9da2a2e1326ae9883b83156c1a7b3c2dd83298065856ce8d2af00
8a0f0a3e7e773bd54dc4133f6b5abf6959fa3acb5b3399984712bb04ce190358
8c99827c0c8c1d0ca2e43bacf5b8bca084c321b04e7585881e3514f44f13e7d7
8ce6800ada968e98aaa68c8d54c63bd65356bc3f5eac6aa9660091a75d9960e6
8e04ee1aeda1980025084d1393df4f306c133bea1e4efb09747cbd73ec9af537
90f72c218a88849a22298ede0920ab6218a7130e181c74236b24594bb9529685
917cce4212b8cc843ad8fcf79a93fd7efa69b75164a11f2d1c644ec958d41877
9562ce5831e0240ebcbaa93d8f37255835cf3a64bfa567781e547a9a71d70c76
9a20e09c7025d3a3c7837b4696a302a96ecb989b612bb42a90d4f749d16d3b03
9ba7319051bb586b77a46b5aa7a664f577f1e95a78be1129f12476deeef241c7
9d63ac4829ff3321a91f13cdf3628548b9b76efd6ae3d59c719f085ef42449d1
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a26b30c21448738e83671123715b8f6ee678191201b85313c00e28d80539136f
a60a6064ac1724bb0abd0c82cc440ed072cb972ec5262430b5b42c7c859d37d1
a644b3be138686bf07850d9e42266425359c84d471b7612d64d2befb76ca5a88
a6c15f31adf98b1b6d38c8b1afb9113630e7730b29ca1381f069cb31099d8a6b
a71a8268750583b4aa5b6b7ee41320b2d581dd0c1688524f97889ffdf84aa759
a8a52e3275a0a2494eee8d1cd471335ad7bb2c0e19546cbf33bfd0c8d1718756
a9d36c1132a2b03cbfed9f0d61d37c32bccc9ef8da7658e53805271a13f09926
aa48a57f72443a140bf863ded37df4b4527be610e9956bb3630ce5866995879d
aa9c949cfb413401701eeec004877adc65ea609c6d9a439c1362e8149de91bf1
aad41f4a1d38af1c73782a592b949530142afeef4eb29d08dbe193a9149f01c8
ab44186bf3e4edb65aea6a6585721f2177951c4bb8f82c192bfd4d646aa533f0
ac850d458b1443353c2e4acf1dfbcc8ef559a4c3a54477156f89dba9d8ff5f09
acaea83088ce7e7c349c7b325a95bc28a75916c6904846faba3ff305d4b135be
ad04f5a9e95f9406287389b0fc9662e7136aa4738c076e59a429b0c816290688
ad80a3f6b1b1b869088b872381b3179a21dccc4e465ec0a00c92824f6462c258
ae991e6c70e4155a46e6c26598ca6e89da14f1716248ef89a40fa3ec71492cd8
b20784ecad9b2e27e3ba2ab12d15c2fb71fb3891e0c528d9d2606c9860be2e21
b99a6ee71c4729ed91de2cfe0d404a38d6b54913c97bffbb1b5daa1c8a1fd250
b9ab3b91e81df19544a3cd7eff4ee086c2410290b354f9df46a2af7a7d0bf18e
baec5bfaeb49f4898823ec8950d6b7214876002508377f433eecb9ecaf9458bc
bba99ac68285b3f687364a1b5b3bc99f4b8cbb490a37119121e4134f02d1af60
bbd5a134190030a84e4648653bace9063f9de7c02c7d0a87d93bc37bfa087018
bda6d133efc36f9dfa73ea66f8fd59f0c2a2941b45c88caad206160746530021
bde736b4bada61754839c795f25637ac9d6960e2ade8bff4fccd4d8a8c3d4ff6
beb837536a0822c8ebd8764bf34e02d418a513d52cdfb55019236d4f3c42a2bb
c218c5c7cf3efee5ee209afd9aaf572e2fda606beef7da32d4c12acc6d04f2c4
c23831f64c67ec7a54f79c5e6680e08ed7686c10897edc30824fbd5c924ebc7b
c464103336e41cc2e5c54bd751d89acc07ec0acd2c400bf9ead08e55d73b7e16
c545a5aa779cc7b3fc5906069b3885f4279234891a9de0cfbd677a6cbd3a5d76
c808d3e0df80fb2b93fbf9cadff5d71d45809e405b9b5d025db8306d43f70892
ccc59f70c381eacd004feb05d22610a9dd2c64901a78ff5be124eaa2d6fa8fd5
ccd73f47f9e8ee1382c83621c2095c11bcaa47769437d3c4619f35a3a410a7b7
d262926270f5c908bd26c2298dec651a068f2d7e30c30be5796931c293cd0bab
d3b32f5d3b6e446280286567ffc4bed09749461589fe595fc5605c82acc99ac3
d5b1f1ccffd6a728c46be37d8bd1b8a95086ac61c719c986a7fac88b984bc84a
d74fc704ce0c29d3c6fb0846a4d236de99804ac60bda78c73419f440b1d6eced
d8fea9497de85611317b7695d7c44e56ea5b727f81d5ae05288f3593704847c9
d94894332082135766996807fe098b2f2a37b74f2f09bbc218578d9ff9981a53
da1617a9a8adfeacee06c6271bcc53eb9017109ad3e1125488d676190dc5affe
dcc874713fcf9a5130c5cea6aeb46cb9f44795daccea8756d32a53cae2ee28e4
dd64301cb87d972860b5fbbaa935faa4529557bb67cac33139607cea05c446c4
dd84668c02c3201081a1cf36ec44aaca88f34f2c0e52fd8329a728429bb52ce5
dd86aaede930d85d59b08ed93136f03e8c7beb3ca2da1bec2beaf39592a2f163
de21bc82db33855aedea91f0cb1f47a17b9ccc95eb77c24eb9c8b50a85ec09de
de60e21ae4979e87b256fefc369c3e501f56fa649052c8fb670279955e0ee9b8
de74275e4a216a676a67f7bde46deed4ff31041af23285c17331b2fb633db120
dedcec1c9afe54561581029ed575e4e4437fd325e5b5d96eccaf1298646d2d34
e349f08ef2bbd0b0cbf65b912d0d1a9a6409253b7ab8e979473e0c3ce5deea07
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40ffae175f4d5d43b53b15b61082c3d8a8e73e306b51880515f8e8c57584cdb
e9d661a880a56580bf1fa10e6371e2db766f738efd961a6d1c59486f88760f96
ea17603cea34074343426d45a1dd9b8731844ce0527f8bbee0deecb3debc641c
eaa6397295435a5c32ba615dcaa627149c1a5beccf7220e06349726093c951f5
ec8f24c2f556a43bf312b0c75edea6a3a0e258c35b0cc7102ad86588bfb56218
ef2fe1a528fb601787f18ce068375e0f4948177bc8de825b3d264df87e162d8d
efb6f8479192826d16401c81a6d66e06b75793cf696d4cd917084715316a4df8
f0042be74d32a8c0757a5dff0cf24ec523e3d785f8681a06396cbfe518ae298d
f09b73164f7453caf252ae657c4af1b4a5e8d136a0f02e6f7e35be2f5787c485
f1c3fd1b87a4d5158d2d27d16b6d91b0d832d603b46629cf122406a9cc1245b8
f1e4c0642236f8df01b58ea1879aa65c366b7cef752f25c1442acec8109d3e61
f2809bf7c40bda397a5df9e5763fecc478a5047ec3b697a6a71dbdcc23df76cf
f3ab2dc88dc30b95d4d7cb6ab88d3896bb1ec853fce20ccbc6aa47c90aa26363
f434baa5b2cf121c647fa72fe7d62e0a8af177a5e2f32b40aeb23477d584f29f
f549a47fb1eee8143875a3c6f0829ffcbf85a30326b0ba5cb4afd8941bd403a9
f5ad07a2f02037fea93c89fc4ed2f608e722efd42051ed9bd1ac49d77c4e25e8
f70a040de0eed0729146b03e6f276c928a98b3d60ce3b44cfbd9e4321daf60ef
f74214164efcf94624af0d2007bea1dfad2888c135f24e0bde637c6ef662f184
f8e2e1a340e5f7ec9d39d04a6192fa216bf444f848e45753e3b7f9ee44f2ce59
f944fa08a6a2838c071b73270eabf837ce07e8591bd3beedc7ed873fd7eaf582
fbe39ef693a0f169e8e3083b49a5f35d09446494320f3102a66d24858e46077e
fd2641b3e26b06dbfe362649ba2f05c83db6d43fca192b78e3e13af6026ce734