urlscan.io logo urlscan.io
SecurityTrails logo

trainsplit.com Open in urlscan Pro
35.214.32.183  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://trainsplit.com/
Effective URL: https://trainsplit.com/
Submission: On November 24 via api from US — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 7 domains to perform 50 HTTP transactions. The main IP is 35.214.32.183, located in London, United Kingdom and belongs to GOOGLE, US. The main domain is trainsplit.com. The Cisco Umbrella rank of the primary domain is 664148.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 9th 2023. Valid for: a year.
This is the only time trainsplit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 31 35.214.32.183 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 13.32.27.7 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 34.78.241.213 396982 (GOOGLE-CL...)
4 143.204.215.107 16509 (AMAZON-02)
1 2600:9000:206... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 3.120.113.109 16509 (AMAZON-02)
2 13.32.23.26 16509 (AMAZON-02)
50 12
31    35.214.32.183 (London, United Kingdom)

ASN15169 (GOOGLE, US)
PTR: 183.32.214.35.bc.googleusercontent.com
trainsplit.com
3    2a00:1450:4001:827::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
directus.trainsplit.com
3    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    13.32.27.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-7.fra56.r.cloudfront.net
platform-api.sharethis.com
3    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    34.78.241.213 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.241.78.34.bc.googleusercontent.com
sentry.trainsplit.com
4    143.204.215.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-107.fra53.r.cloudfront.net
beacon-v2.helpscout.net
1    2600:9000:206f:6600:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
4    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    3.120.113.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-113-109.eu-central-1.compute.amazonaws.com
l.sharethis.com
2    13.32.23.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-26.fra56.r.cloudfront.net
d3hb14vkzrxvla.cloudfront.net
Apex Domain
Subdomains		 Transfer
35 trainsplit.com
trainsplit.com — Cisco Umbrella Rank: 664148
directus.trainsplit.com
sentry.trainsplit.com
3 MB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
476 KB
4 helpscout.net
beacon-v2.helpscout.net — Cisco Umbrella Rank: 10553
148 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
35 KB
3 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 4214
buttons-config.sharethis.com — Cisco Umbrella Rank: 4712
l.sharethis.com — Cisco Umbrella Rank: 4359
48 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
2 KB
2 cloudfront.net
d3hb14vkzrxvla.cloudfront.net
7 KB
50 7
Domain Requested by
31 trainsplit.com 8 redirects trainsplit.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 beacon-v2.helpscout.net trainsplit.com
beacon-v2.helpscout.net
4 fonts.gstatic.com fonts.googleapis.com
www.google.com
3 www.google.com trainsplit.com
www.gstatic.com
www.google.com
3 fonts.googleapis.com trainsplit.com
3 directus.trainsplit.com
2 d3hb14vkzrxvla.cloudfront.net trainsplit.com
1 l.sharethis.com trainsplit.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 sentry.trainsplit.com trainsplit.com
1 platform-api.sharethis.com trainsplit.com
50 12

This site contains links to these domains. Also see Links.

Domain
refunds.trainsplit.com
uk.trustpilot.com
play.google.com
itunes.apple.com
Subject Issuer Validity Valid
*.trainsplit.com
Go Daddy Secure Certificate Authority - G2		 2023-09-09 -
2024-10-08		 a year crt.sh
directus.trainsplit.com
GTS CA 1D4		 2023-11-10 -
2024-02-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
sharethis.com
Amazon RSA 2048 M02		 2023-05-20 -
2024-06-17		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
sentry.trainsplit.com
R3		 2023-10-17 -
2024-01-15		 3 months crt.sh
*.helpscout.net
Amazon RSA 2048 M02		 2023-04-02 -
2024-04-30		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://trainsplit.com/
Frame ID: AC4D6CCCE689BEEDAA5791CA1F63862E
Requests: 42 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfyDgAVAAAAAPCX6GqTLqZTBFr_ZmUEROdYeDO_&co=aHR0cHM6Ly90cmFpbnNwbGl0LmNvbTo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=tciaddov2q5l
Frame ID: 209584F509DEBA7D80F316E01A5A9442
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Split Ticketing with TrainSplit | Mobile App | Save up to 90%

Page URL History Show full URLs

  1. http://trainsplit.com/ HTTP 301
    https://trainsplit.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

50
Requests

86 %
HTTPS

50 %
IPv6

7
Domains

12
Subdomains

12
IPs

4
Countries

3288 kB
Transfer

6448 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://trainsplit.com/ HTTP 301
    https://trainsplit.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://trainsplit.com/dynamic/ic/ic_empty_basket_blue.svg HTTP 302
  • https://trainsplit.com/images/ic_empty_basket_blue.svg
Request Chain 9
  • https://trainsplit.com/dynamic/ic/ic_journey_planner.svg HTTP 302
  • https://trainsplit.com/images/ic_journey_planner.svg
Request Chain 14
  • https://trainsplit.com/dynamic/ic/ic_share_twitter.svg HTTP 302
  • https://trainsplit.com/images/ic_share_twitter.svg
Request Chain 15
  • https://trainsplit.com/dynamic/ic/ic_share_facebook.svg HTTP 302
  • https://trainsplit.com/images/ic_share_facebook.svg
Request Chain 25
  • https://trainsplit.com/dynamic/logo-for-light-bg HTTP 302
  • https://trainsplit.com/images/trainsplit_logo_blue.svg
Request Chain 27
  • https://trainsplit.com/dynamic/ic/ic_close.svg HTTP 302
  • https://trainsplit.com/images/ic_close.svg
Request Chain 28
  • https://trainsplit.com/dynamic/ic/ic_plus_grey.svg HTTP 302
  • https://trainsplit.com/images/ic_plus_grey.svg

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
trainsplit.com/
Redirect Chain
  • http://trainsplit.com/
  • https://trainsplit.com/
306 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://trainsplit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.32.183 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
183.32.214.35.bc.googleusercontent.com
Software
Class 800 IET /
Resource Hash
86e38fd358afa8a99b837f025c39c3f5f348b1f2e686e563758c9077d7affc31
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=0, must-revalidate, private
content-encoding
gzip
content-security-policy
frame-ancestors 'self'
content-security-policy-report-only
script-src 'self' https://bat.bing.com https://*.googletagmanager.com https://www.google-analytics.com https://beacon-v2.helpscout.net https://code.jquery.com/ui/ https://*.sharethis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-eval' https://apis.google.com https://*.booking.com https://cf.bstatic.com ;style-src 'self' https://code.jquery.com/ui/ https://beacon-v2.helpscout.net https://fonts.googleapis.com https://rsms.me 'unsafe-inline' https://cf.bstatic.com ;connect-src 'self' https://railcards.trainsplit.com https://railcards.*.trainsplit.com https://*.googleapis.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://sentry.trainsplit.com wss://*.pusher.com https://d3hb14vkzrxvla.cloudfront.net https://chatapi.helpscout.net https://beaconapi.helpscout.net https://bat.bing.com https://stats.g.doubleclick.net https://l.sharethis.com ;font-src 'self' data: https://beacon-v2.helpscout.net https://fonts.gstatic.com https://rsms.me;form-action 'self' https://accounts.google.com ;img-src 'self' * data: https://*.googletagmanager.com https://*.google-analytics.com ;media-src https://beacon-v2.helpscout.net;object-src 'none';frame-ancestors 'self';frame-src https://beacon-v2.helpscout.net https://www.google.com/ https://www.stay22.com https://trainsplit.firebaseapp.com https://*.trainsplit.com https://www.youtube.com https://www.booking.com ;base-uri 'self';child-src ;report-uri https://sentry.trainsplit.com/api/9/security/?sentry_key=30a134ca37b2460a883919c5329d33ff
content-type
text/html; charset=UTF-8
date
Fri, 24 Nov 2023 16:36:18 GMT
expect-ct
max-age=2592000
expires
Fri, 24 Nov 2023 16:36:19 GMT
link
<https://directus.trainsplit.com/assets/1df146be-504d-43d0-8681-5836133decdd?width=800>; rel=preload; as=image <https://directus.trainsplit.com/assets/f3be345a-2f72-4808-aff6-6d8534c4b5e5?width=800>; rel=preload; as=image <https://directus.trainsplit.com/assets/1f811ebc-eb3c-4d3e-89ef-86c2a52ef30a?width=800>; rel=preload; as=image
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-write=(self)
referrer-policy
no-referrer
request-id
65dbe7e3-9fb7-492e-8b27-35a48093f5ca
server
Class 800 IET
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
private
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Fri, 24 Nov 2023 16:36:18 GMT
Location
https://trainsplit.com:443/
1df146be-504d-43d0-8681-5836133decdd
directus.trainsplit.com/assets/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://directus.trainsplit.com/assets/1df146be-504d-43d0-8681-5836133decdd?width=800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Directus
Resource Hash
e62a75d1f5ee1c7c45056a8d4482cc55a903611902e2590f57ccb557967351dd
Security Headers
Name Value
Content-Security-Policy default-src none;media-src 'self' blob: https://*

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src none;media-src 'self' blob: https://*
date
Fri, 24 Nov 2023 16:36:19 GMT
last-modified
Thu, 23 Nov 2023 16:49:12 GMT
server
Google Frontend
x-powered-by
Directus
vary
Origin, Cache-Control
content-type
image/jpeg
x-cloud-trace-context
c63a81bb161194224ac16d846a62171d
cache-control
public, max-age=2592000
content-disposition
inline; filename="att.jpg"
accept-ranges
bytes
content-length
69172
f3be345a-2f72-4808-aff6-6d8534c4b5e5
directus.trainsplit.com/assets/ 		745 KB
746 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://directus.trainsplit.com/assets/f3be345a-2f72-4808-aff6-6d8534c4b5e5?width=800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Directus
Resource Hash
4fd0df964729e14c98617f38ef8135e78d0ee5b351e5f2ba55d30ee090a07f9d
Security Headers
Name Value
Content-Security-Policy default-src none;media-src 'self' blob: https://*

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src none;media-src 'self' blob: https://*
date
Fri, 24 Nov 2023 16:36:19 GMT
last-modified
Thu, 23 Nov 2023 15:23:35 GMT
server
Google Frontend
x-powered-by
Directus
vary
Origin, Cache-Control
content-type
image/png
x-cloud-trace-context
1927a01fd02fa13834160f14c38a5ed9
cache-control
public, max-age=2592000
content-disposition
inline; filename="bf.png"
accept-ranges
bytes
content-length
762431
1f811ebc-eb3c-4d3e-89ef-86c2a52ef30a
directus.trainsplit.com/assets/ 		832 KB
833 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://directus.trainsplit.com/assets/1f811ebc-eb3c-4d3e-89ef-86c2a52ef30a?width=800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Directus
Resource Hash
79fec4d837cd798ad38ebb1ed7ba06f9a306dcd3bc17d6e98d4d9a28888514c3
Security Headers
Name Value
Content-Security-Policy default-src none;media-src 'self' blob: https://*

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src none;media-src 'self' blob: https://*
date
Fri, 24 Nov 2023 16:36:19 GMT
last-modified
Tue, 14 Nov 2023 15:35:49 GMT
server
Google Frontend
x-powered-by
Directus
vary
Origin, Cache-Control
content-type
image/png
x-cloud-trace-context
21f0a2974d511856a2927143e8d6550b
cache-control
public, max-age=2592000
content-disposition
inline; filename="daytrips.png"
accept-ranges
bytes
content-length
852470
css2
fonts.googleapis.com/ 		5 KB
935 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cfe790335dc4ff07f0f501fb361687f88edca78273d2424e0797457924462ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 Nov 2023 16:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 Nov 2023 16:36:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Nov 2023 16:36:19 GMT
app.c7b593ed.css
trainsplit.com/build/ 		316 KB
56 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trainsplit.com/build/app.c7b593ed.css
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.32.183 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
183.32.214.35.bc.googleusercontent.com
Software
Class 800 IET /
Resource Hash
b23080aab5f3281bc89de34d9ef28d928923d9efaea79e8aa9deef816698486a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
last-modified
Tue, 21 Nov 2023 17:25:21 GMT
server
Class 800 IET
via
1.1 google
etag
"4f134-60aace3194240-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56983
home.314c7798.css
trainsplit.com/build/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trainsplit.com/build/home.314c7798.css
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.32.183 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
183.32.214.35.bc.googleusercontent.com
Software
Class 800 IET /
Resource Hash
7d18c995ef0c1cbfded9532441197edfccfae7c101eb32c1b979a5ddadbf8849
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
last-modified
Tue, 21 Nov 2023 17:25:21 GMT
server
Class 800 IET
via
1.1 google
etag
"1477-60aace3194240-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1543
jquery.timepicker.min.css
trainsplit.com/timepicker/ 		1 KB
523 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trainsplit.com/timepicker/jquery.timepicker.min.css
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.32.183 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
183.32.214.35.bc.googleusercontent.com
Software
Class 800 IET /
Resource Hash
449e2d8b37ae8b7cd0e922b7a32b6c8850527b2bb1e64d1a750551c5ba87c7dd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
last-modified
Tue, 21 Nov 2023 17:18:59 GMT
server
Class 800 IET
via
1.1 google
etag
"58f-60aaccc5466c0-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
413
extra-css
trainsplit.com/dynamic/ 		73 B
222 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trainsplit.com/dynamic/extra-css
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.32.183 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
183.32.214.35.bc.googleusercontent.com
Software
Class 800 IET /
Resource Hash
00afb4addff2c6c9933e4b42060ec7ace9b88722b5dfcc4671a3ea5bc4cee58e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
content-encoding
gzip
via
1.1 google
content-security-policy-report-only
script-src 'self' https://bat.bing.com https://*.googletagmanager.com https://www.google-analytics.com https://beacon-v2.helpscout.net https://code.jquery.com/ui/ https://*.sharethis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-eval' https://apis.google.com https://*.booking.com https://cf.bstatic.com ;style-src 'self' https://code.jquery.com/ui/ https://beacon-v2.helpscout.net https://fonts.googleapis.com https://rsms.me 'unsafe-inline' https://cf.bstatic.com ;connect-src 'self' https://railcards.trainsplit.com https://railcards.*.trainsplit.com https://*.googleapis.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://sentry.trainsplit.com wss://*.pusher.com https://d3hb14vkzrxvla.cloudfront.net https://chatapi.helpscout.net https://beaconapi.helpscout.net https://bat.bing.com https://stats.g.doubleclick.net https://l.sharethis.com ;font-src 'self' data: https://beacon-v2.helpscout.net https://fonts.gstatic.com https://rsms.me;form-action 'self' https://accounts.google.com ;img-src 'self' * data: https://*.googletagmanager.com https://*.google-analytics.com ;media-src https://beacon-v2.helpscout.net;object-src 'none';frame-ancestors 'self';frame-src https://beacon-v2.helpscout.net https://www.google.com/ https://www.stay22.com https://trainsplit.firebaseapp.com https://*.trainsplit.com https://www.youtube.com https://www.booking.com ;base-uri 'self';child-src ;report-uri https://sentry.trainsplit.com/api/9/security/?sentry_key=30a134ca37b2460a883919c5329d33ff
content-disposition
inline
request-id
a187038a-6cc0-47df-a01a-7ba529a68f81
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Class 800 IET
expect-ct
max-age=2592000
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=900, public
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-write=(self)
ic_empty_basket_blue.svg
trainsplit.com/images/
Redirect Chain
  • https://trainsplit.com/dynamic/ic/ic_empty_basket_blue.svg
  • https://trainsplit.com/images/ic_empty_basket_blue.svg
499 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trainsplit.com/images/ic_empty_basket_blue.svg
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/
Protocol
H2
Server
35.214.32.183 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
183.32.214.35.bc.googleusercontent.com
Software
Class 800 IET /
Resource Hash
3c8d8076eac2e7feb97773b682e2631ac21f8f794f8d0cfc83d97fe2de8928d3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 google
last-modified
Tue, 21 Nov 2023 17:18:59 GMT
server
Class 800 IET
etag
"1f3-60aaccc5466c0"
content-type
image/svg+xml
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
499

Redirect headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
content-security-policy-report-only
script-src 'self' https://bat.bing.com https://*.googletagmanager.com https://www.google-analytics.com https://beacon-v2.helpscout.net https://code.jquery.com/ui/ https://*.sharethis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-eval' https://apis.google.com https://*.booking.com https://cf.bstatic.com ;style-src 'self' https://code.jquery.com/ui/ https://beacon-v2.helpscout.net https://fonts.googleapis.com https://rsms.me 'unsafe-inline' https://cf.bstatic.com ;connect-src 'self' https://railcards.trainsplit.com https://railcards.*.trainsplit.com https://*.googleapis.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://sentry.trainsplit.com wss://*.pusher.com https://d3hb14vkzrxvla.cloudfront.net https://chatapi.helpscout.net https://beaconapi.helpscout.net https://bat.bing.com https://stats.g.doubleclick.net https://l.sharethis.com ;font-src 'self' data: https://beacon-v2.helpscout.net https://fonts.gstatic.com https://rsms.me;form-action 'self' https://accounts.google.com ;img-src 'self' * data: https://*.googletagmanager.com https://*.google-analytics.com ;media-src https://beacon-v2.helpscout.net;object-src 'none';frame-ancestors 'self';frame-src https://beacon-v2.helpscout.net https://www.google.com/ https://www.stay22.com https://trainsplit.firebaseapp.com https://*.trainsplit.com https://www.youtube.com https://www.booking.com ;base-uri 'self';child-src ;report-uri https://sentry.trainsplit.com/api/9/security/?sentry_key=30a134ca37b2460a883919c5329d33ff
request-id
9e8b062c-6ee2-445c-bebc-ce982725e9fa
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Class 800 IET
expect-ct
max-age=2592000
x-frame-options
DENY
content-type
text/html; charset=UTF-8
location
/images/ic_empty_basket_blue.svg
cache-control
no-cache, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-write=(self)
ic_journey_planner.svg
trainsplit.com/images/
Redirect Chain
  • https://trainsplit.com/dynamic/ic/ic_journey_planner.svg
  • https://trainsplit.com/images/ic_journey_planner.svg
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trainsplit.com/images/ic_journey_planner.svg
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/
Protocol
H2
Server
35.214.32.183 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
183.32.214.35.bc.googleusercontent.com
Software
Class 800 IET /
Resource Hash
74eaa6df83b6edad986368238a890141cdf849edbec7eff948399018565a2893
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 google
last-modified
Tue, 21 Nov 2023 17:18:59 GMT
server
Class 800 IET
etag
"45f-60aaccc5466c0"
content-type
image/svg+xml
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1119

Redirect headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
content-security-policy-report-only
script-src 'self' https://bat.bing.com https://*.googletagmanager.com https://www.google-analytics.com https://beacon-v2.helpscout.net https://code.jquery.com/ui/ https://*.sharethis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-eval' https://apis.google.com https://*.booking.com https://cf.bstatic.com ;style-src 'self' https://code.jquery.com/ui/ https://beacon-v2.helpscout.net https://fonts.googleapis.com https://rsms.me 'unsafe-inline' https://cf.bstatic.com ;connect-src 'self' https://railcards.trainsplit.com https://railcards.*.trainsplit.com https://*.googleapis.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://sentry.trainsplit.com wss://*.pusher.com https://d3hb14vkzrxvla.cloudfront.net https://chatapi.helpscout.net https://beaconapi.helpscout.net https://bat.bing.com https://stats.g.doubleclick.net https://l.sharethis.com ;font-src 'self' data: https://beacon-v2.helpscout.net https://fonts.gstatic.com https://rsms.me;form-action 'self' https://accounts.google.com ;img-src 'self' * data: https://*.googletagmanager.com https://*.google-analytics.com ;media-src https://beacon-v2.helpscout.net;object-src 'none';frame-ancestors 'self';frame-src https://beacon-v2.helpscout.net https://www.google.com/ https://www.stay22.com https://trainsplit.firebaseapp.com https://*.trainsplit.com https://www.youtube.com https://www.booking.com ;base-uri 'self';child-src ;report-uri https://sentry.trainsplit.com/api/9/security/?sentry_key=30a134ca37b2460a883919c5329d33ff
request-id
2a21db5c-a82b-470e-a402-78b7bf463bdc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Class 800 IET
expect-ct
max-age=2592000
x-frame-options
DENY
content-type
text/html; charset=UTF-8
location
/images/ic_journey_planner.svg
cache-control
no-cache, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-write=(self)
avatar.jpg
trainsplit.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trainsplit.com/images/avatar.jpg
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.32.183 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
183.32.214.35.bc.googleusercontent.com
Software
Class 800 IET /
Resource Hash
67f565f25c1bb8ae629cfca60c71766232073a0c905e0387e45895657b4ae3e7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 google
last-modified
Tue, 21 Nov 2023 17:18:59 GMT
server
Class 800 IET
etag
"5f8-60aaccc5466c0"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1528
app-homepage.svg
trainsplit.com/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trainsplit.com/images/app-homepage.svg
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.32.183 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
183.32.214.35.bc.googleusercontent.com
Software
Class 800 IET /
Resource Hash
b16835a863fb225e857f154ccf23a5c2ad4a8a9f49e9168c4db77ba38b6580ab
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 google
last-modified
Tue, 21 Nov 2023 17:18:59 GMT
server
Class 800 IET
etag
"16d0-60aaccc5466c0"
content-type
image/svg+xml
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5840
google-play-new.svg
trainsplit.com/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trainsplit.com/images/google-play-new.svg
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.32.183 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
183.32.214.35.bc.googleusercontent.com
Software
Class 800 IET /
Resource Hash
247d4aa88bebb31246b6e211ee62752d5daac9d0311d462a3de228701bfc138a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 google
last-modified
Tue, 21 Nov 2023 17:18:59 GMT
server
Class 800 IET
etag
"4523-60aaccc5466c0"
content-type
image/svg+xml
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17699
appstore.svg
trainsplit.com/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trainsplit.com/images/appstore.svg
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.32.183 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
183.32.214.35.bc.googleusercontent.com
Software
Class 800 IET /
Resource Hash
0aeda0035a1c28d2000b2e12f8be2335913f4dc0bdcc61d3a1ea3c7e68c91cb9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 google
last-modified
Tue, 21 Nov 2023 17:18:59 GMT
server
Class 800 IET
etag
"3f2e-60aaccc5466c0"
content-type
image/svg+xml
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16174
ic_share_twitter.svg
trainsplit.com/images/
Redirect Chain
  • https://trainsplit.com/dynamic/ic/ic_share_twitter.svg
  • https://trainsplit.com/images/ic_share_twitter.svg
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trainsplit.com/images/ic_share_twitter.svg
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/
Protocol
H2
Server
35.214.32.183 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
183.32.214.35.bc.googleusercontent.com
Software
Class 800 IET /
Resource Hash
2173d1929611fab07226a90533253d8608d7686392e50709a1703359e9c19450
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 google
last-modified
Tue, 21 Nov 2023 17:18:59 GMT
server
Class 800 IET
etag
"bd4-60aaccc5466c0"
content-type
image/svg+xml
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3028

Redirect headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
content-security-policy-report-only
script-src 'self' https://bat.bing.com https://*.googletagmanager.com https://www.google-analytics.com https://beacon-v2.helpscout.net https://code.jquery.com/ui/ https://*.sharethis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-eval' https://apis.google.com https://*.booking.com https://cf.bstatic.com ;style-src 'self' https://code.jquery.com/ui/ https://beacon-v2.helpscout.net https://fonts.googleapis.com https://rsms.me 'unsafe-inline' https://cf.bstatic.com ;connect-src 'self' https://railcards.trainsplit.com https://railcards.*.trainsplit.com https://*.googleapis.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://sentry.trainsplit.com wss://*.pusher.com https://d3hb14vkzrxvla.cloudfront.net https://chatapi.helpscout.net https://beaconapi.helpscout.net https://bat.bing.com https://stats.g.doubleclick.net https://l.sharethis.com ;font-src 'self' data: https://beacon-v2.helpscout.net https://fonts.gstatic.com https://rsms.me;form-action 'self' https://accounts.google.com ;img-src 'self' * data: https://*.googletagmanager.com https://*.google-analytics.com ;media-src https://beacon-v2.helpscout.net;object-src 'none';frame-ancestors 'self';frame-src https://beacon-v2.helpscout.net https://www.google.com/ https://www.stay22.com https://trainsplit.firebaseapp.com https://*.trainsplit.com https://www.youtube.com https://www.booking.com ;base-uri 'self';child-src ;report-uri https://sentry.trainsplit.com/api/9/security/?sentry_key=30a134ca37b2460a883919c5329d33ff
request-id
af438ec2-be93-4043-a012-d6de32e0b15f
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Class 800 IET
expect-ct
max-age=2592000
x-frame-options
DENY
content-type
text/html; charset=UTF-8
location
/images/ic_share_twitter.svg
cache-control
no-cache, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-write=(self)
ic_share_facebook.svg
trainsplit.com/images/
Redirect Chain
  • https://trainsplit.com/dynamic/ic/ic_share_facebook.svg
  • https://trainsplit.com/images/ic_share_facebook.svg
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trainsplit.com/images/ic_share_facebook.svg
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/
Protocol
H2
Server
35.214.32.183 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
183.32.214.35.bc.googleusercontent.com
Software
Class 800 IET /
Resource Hash
73dbcb32957e733e9c9864425d912ad8d89c11710728e43769566f68f324634d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 google
last-modified
Tue, 21 Nov 2023 17:18:59 GMT
server
Class 800 IET
etag
"939-60aaccc5466c0"
content-type
image/svg+xml
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2361

Redirect headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
content-security-policy-report-only
script-src 'self' https://bat.bing.com https://*.googletagmanager.com https://www.google-analytics.com https://beacon-v2.helpscout.net https://code.jquery.com/ui/ https://*.sharethis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-eval' https://apis.google.com https://*.booking.com https://cf.bstatic.com ;style-src 'self' https://code.jquery.com/ui/ https://beacon-v2.helpscout.net https://fonts.googleapis.com https://rsms.me 'unsafe-inline' https://cf.bstatic.com ;connect-src 'self' https://railcards.trainsplit.com https://railcards.*.trainsplit.com https://*.googleapis.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://sentry.trainsplit.com wss://*.pusher.com https://d3hb14vkzrxvla.cloudfront.net https://chatapi.helpscout.net https://beaconapi.helpscout.net https://bat.bing.com https://stats.g.doubleclick.net https://l.sharethis.com ;font-src 'self' data: https://beacon-v2.helpscout.net https://fonts.gstatic.com https://rsms.me;form-action 'self' https://accounts.google.com ;img-src 'self' * data: https://*.googletagmanager.com https://*.google-analytics.com ;media-src https://beacon-v2.helpscout.net;object-src 'none';frame-ancestors 'self';frame-src https://beacon-v2.helpscout.net https://www.google.com/ https://www.stay22.com https://trainsplit.firebaseapp.com https://*.trainsplit.com https://www.youtube.com https://www.booking.com ;base-uri 'self';child-src ;report-uri https://sentry.trainsplit.com/api/9/security/?sentry_key=30a134ca37b2460a883919c5329d33ff
request-id
8b688e8b-e854-4cd4-ab11-f1e1f4ea341c
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Class 800 IET
expect-ct
max-age=2592000
x-frame-options
DENY
content-type
text/html; charset=UTF-8
location
/images/ic_share_facebook.svg
cache-control
no-cache, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-write=(self)
nra_white.svg
trainsplit.com/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trainsplit.com/images/nra_white.svg
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.32.183 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
183.32.214.35.bc.googleusercontent.com
Software
Class 800 IET /
Resource Hash
8a1328f2d492ab3ff55a032b670c080747ee6850892c9f91921f2844384db1f1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 google
last-modified
Tue, 21 Nov 2023 17:18:59 GMT
server
Class 800 IET
etag
"2383-60aaccc5466c0"
content-type
image/svg+xml
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9091
runtime.128d72e1.js
trainsplit.com/build/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trainsplit.com/build/runtime.128d72e1.js
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.32.183 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
183.32.214.35.bc.googleusercontent.com
Software
Class 800 IET /
Resource Hash
c4fc301e7625c6dbcf7edf28267cdb2f79cce45d1ac30c9db7e1241a74c2690d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
last-modified
Tue, 21 Nov 2023 17:25:21 GMT
server
Class 800 IET
via
1.1 google
etag
"7f2-60aace3194240-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1026
app.2a20cae8.js
trainsplit.com/build/ 		2 MB
465 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trainsplit.com/build/app.2a20cae8.js
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.32.183 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
183.32.214.35.bc.googleusercontent.com
Software
Class 800 IET /
Resource Hash
478730112f3c89e02ef435a56a0790cd59099b609d5dcd482c14aeffaf4fd63d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
last-modified
Tue, 21 Nov 2023 17:25:21 GMT
server
Class 800 IET
via
1.1 google
etag
"180112-60aace3194240-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
home.9eb03165.js
trainsplit.com/build/ 		647 KB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trainsplit.com/build/home.9eb03165.js
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.32.183 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
183.32.214.35.bc.googleusercontent.com
Software
Class 800 IET /
Resource Hash
b4e83b80405a18b3738c3de56a77b10ec3b4b6d68ab8cb0b90ad8fc8acb39665
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
last-modified
Tue, 21 Nov 2023 17:25:21 GMT
server
Class 800 IET
via
1.1 google
etag
"a1b12-60aace3194240-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sharethis.js
platform-api.sharethis.com/js/ 		208 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-7.fra56.r.cloudfront.net
Software
/
Resource Hash
f6c72789b4be7183c5626eed5975d7c22403d4a8ceb73db591128f7fabdbe9c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:28:57 GMT
content-encoding
gzip
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-C2
age
442
etag
W/"33fbe-N51ttSXIC05eae0N3/gGTPPbUMQ"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
Az4t7BCz6QxFOA1wMeqDaCXozNHvdiQGbThnuKO8pwb7ObcJpjGDyw==
jquery.timepicker.min.js
trainsplit.com/timepicker/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trainsplit.com/timepicker/jquery.timepicker.min.js
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.32.183 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
183.32.214.35.bc.googleusercontent.com
Software
Class 800 IET /
Resource Hash
053ebaffd4512d6dd320e37994c6308512ea70d8a206ede7fad84d610632d9d3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
last-modified
Tue, 21 Nov 2023 17:18:59 GMT
server
Class 800 IET
via
1.1 google
etag
"3df7-60aaccc5466c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5271
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LfyDgAVAAAAAPCX6GqTLqZTBFr_ZmUEROdYeDO_
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
051766f0df8c70094532a475068d8403640f136fadc13ce2122ab00580dfd6a6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 24 Nov 2023 16:36:19 GMT
css
fonts.googleapis.com/ 		3 KB
640 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lora:400,700
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/build/app.c7b593ed.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b0d049b819a74da03d4a77df7fc2db32087edbf22b8c1926ab6a40db3618b9b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 Nov 2023 16:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 Nov 2023 16:11:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Nov 2023 16:36:19 GMT
css
fonts.googleapis.com/ 		7 KB
792 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/build/app.c7b593ed.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 Nov 2023 16:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 Nov 2023 14:46:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Nov 2023 16:36:19 GMT
trainsplit_logo_blue.svg
trainsplit.com/images/
Redirect Chain
  • https://trainsplit.com/dynamic/logo-for-light-bg
  • https://trainsplit.com/images/trainsplit_logo_blue.svg
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trainsplit.com/images/trainsplit_logo_blue.svg
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/build/app.c7b593ed.css
Protocol
H2
Server
35.214.32.183 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
183.32.214.35.bc.googleusercontent.com
Software
Class 800 IET /
Resource Hash
10e211136b8025895dbd5e0b7a1d1cd4749b1f7fd5bd7715b252c8f489ab2738
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 google
last-modified
Tue, 21 Nov 2023 17:18:59 GMT
server
Class 800 IET
etag
"10dd-60aaccc5466c0"
content-type
image/svg+xml
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4317

Redirect headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
content-security-policy-report-only
script-src 'self' https://bat.bing.com https://*.googletagmanager.com https://www.google-analytics.com https://beacon-v2.helpscout.net https://code.jquery.com/ui/ https://*.sharethis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-eval' https://apis.google.com https://*.booking.com https://cf.bstatic.com ;style-src 'self' https://code.jquery.com/ui/ https://beacon-v2.helpscout.net https://fonts.googleapis.com https://rsms.me 'unsafe-inline' https://cf.bstatic.com ;connect-src 'self' https://railcards.trainsplit.com https://railcards.*.trainsplit.com https://*.googleapis.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://sentry.trainsplit.com wss://*.pusher.com https://d3hb14vkzrxvla.cloudfront.net https://chatapi.helpscout.net https://beaconapi.helpscout.net https://bat.bing.com https://stats.g.doubleclick.net https://l.sharethis.com ;font-src 'self' data: https://beacon-v2.helpscout.net https://fonts.gstatic.com https://rsms.me;form-action 'self' https://accounts.google.com ;img-src 'self' * data: https://*.googletagmanager.com https://*.google-analytics.com ;media-src https://beacon-v2.helpscout.net;object-src 'none';frame-ancestors 'self';frame-src https://beacon-v2.helpscout.net https://www.google.com/ https://www.stay22.com https://trainsplit.firebaseapp.com https://*.trainsplit.com https://www.youtube.com https://www.booking.com ;base-uri 'self';child-src ;report-uri https://sentry.trainsplit.com/api/9/security/?sentry_key=30a134ca37b2460a883919c5329d33ff
request-id
442757a8-48a6-49f7-ad34-53783b9c1022
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Class 800 IET
expect-ct
max-age=2592000
x-frame-options
DENY
content-type
text/html; charset=UTF-8
location
/images/trainsplit_logo_blue.svg
cache-control
no-cache, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-write=(self)
TSWebHeroImage_L.e7a1e38b.webp
trainsplit.com/build/images/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trainsplit.com/build/images/TSWebHeroImage_L.e7a1e38b.webp
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/build/home.314c7798.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.32.183 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
183.32.214.35.bc.googleusercontent.com
Software
Class 800 IET /
Resource Hash
006203fcb702866d0c045d84c8545b8e34f2786ce64afadcb7da4479f5b4c9a9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://trainsplit.com/build/home.314c7798.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 google
last-modified
Tue, 21 Nov 2023 17:25:21 GMT
server
Class 800 IET
etag
"d932-60aace3194240"
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55602
ic_close.svg
trainsplit.com/images/
Redirect Chain
  • https://trainsplit.com/dynamic/ic/ic_close.svg
  • https://trainsplit.com/images/ic_close.svg
593 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trainsplit.com/images/ic_close.svg
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/build/home.314c7798.css
Protocol
H2
Server
35.214.32.183 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
183.32.214.35.bc.googleusercontent.com
Software
Class 800 IET /
Resource Hash
4b7edbee4c1e7c0e0b6719d7299451b93ed46fc641dd02c303fb828f7edb16a0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 google
last-modified
Tue, 21 Nov 2023 17:18:59 GMT
server
Class 800 IET
etag
"251-60aaccc5466c0"
content-type
image/svg+xml
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
593

Redirect headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
content-security-policy-report-only
script-src 'self' https://bat.bing.com https://*.googletagmanager.com https://www.google-analytics.com https://beacon-v2.helpscout.net https://code.jquery.com/ui/ https://*.sharethis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-eval' https://apis.google.com https://*.booking.com https://cf.bstatic.com ;style-src 'self' https://code.jquery.com/ui/ https://beacon-v2.helpscout.net https://fonts.googleapis.com https://rsms.me 'unsafe-inline' https://cf.bstatic.com ;connect-src 'self' https://railcards.trainsplit.com https://railcards.*.trainsplit.com https://*.googleapis.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://sentry.trainsplit.com wss://*.pusher.com https://d3hb14vkzrxvla.cloudfront.net https://chatapi.helpscout.net https://beaconapi.helpscout.net https://bat.bing.com https://stats.g.doubleclick.net https://l.sharethis.com ;font-src 'self' data: https://beacon-v2.helpscout.net https://fonts.gstatic.com https://rsms.me;form-action 'self' https://accounts.google.com ;img-src 'self' * data: https://*.googletagmanager.com https://*.google-analytics.com ;media-src https://beacon-v2.helpscout.net;object-src 'none';frame-ancestors 'self';frame-src https://beacon-v2.helpscout.net https://www.google.com/ https://www.stay22.com https://trainsplit.firebaseapp.com https://*.trainsplit.com https://www.youtube.com https://www.booking.com ;base-uri 'self';child-src ;report-uri https://sentry.trainsplit.com/api/9/security/?sentry_key=30a134ca37b2460a883919c5329d33ff
request-id
9f44750f-c5bd-4c16-9fe9-bdf5f8195736
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Class 800 IET
expect-ct
max-age=2592000
x-frame-options
DENY
content-type
text/html; charset=UTF-8
location
/images/ic_close.svg
cache-control
no-cache, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-write=(self)
ic_plus_grey.svg
trainsplit.com/images/
Redirect Chain
  • https://trainsplit.com/dynamic/ic/ic_plus_grey.svg
  • https://trainsplit.com/images/ic_plus_grey.svg
661 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trainsplit.com/images/ic_plus_grey.svg
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/build/home.314c7798.css
Protocol
H2
Server
35.214.32.183 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
183.32.214.35.bc.googleusercontent.com
Software
Class 800 IET /
Resource Hash
a8dbffdcc862d3abaeecfa4d7a1cb0e3f8b0aa458efd8bd94a00ae231c52f187
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 google
last-modified
Tue, 21 Nov 2023 17:18:59 GMT
server
Class 800 IET
etag
"295-60aaccc5466c0"
content-type
image/svg+xml
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
661

Redirect headers

date
Fri, 24 Nov 2023 16:36:19 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
via
1.1 google
content-security-policy-report-only
script-src 'self' https://bat.bing.com https://*.googletagmanager.com https://www.google-analytics.com https://beacon-v2.helpscout.net https://code.jquery.com/ui/ https://*.sharethis.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-eval' https://apis.google.com https://*.booking.com https://cf.bstatic.com ;style-src 'self' https://code.jquery.com/ui/ https://beacon-v2.helpscout.net https://fonts.googleapis.com https://rsms.me 'unsafe-inline' https://cf.bstatic.com ;connect-src 'self' https://railcards.trainsplit.com https://railcards.*.trainsplit.com https://*.googleapis.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://sentry.trainsplit.com wss://*.pusher.com https://d3hb14vkzrxvla.cloudfront.net https://chatapi.helpscout.net https://beaconapi.helpscout.net https://bat.bing.com https://stats.g.doubleclick.net https://l.sharethis.com ;font-src 'self' data: https://beacon-v2.helpscout.net https://fonts.gstatic.com https://rsms.me;form-action 'self' https://accounts.google.com ;img-src 'self' * data: https://*.googletagmanager.com https://*.google-analytics.com ;media-src https://beacon-v2.helpscout.net;object-src 'none';frame-ancestors 'self';frame-src https://beacon-v2.helpscout.net https://www.google.com/ https://www.stay22.com https://trainsplit.firebaseapp.com https://*.trainsplit.com https://www.youtube.com https://www.booking.com ;base-uri 'self';child-src ;report-uri https://sentry.trainsplit.com/api/9/security/?sentry_key=30a134ca37b2460a883919c5329d33ff
request-id
45a13763-5781-41c9-a320-f79d6bbeadb3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
Class 800 IET
expect-ct
max-age=2592000
x-frame-options
DENY
content-type
text/html; charset=UTF-8
location
/images/ic_plus_grey.svg
cache-control
no-cache, private
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-write=(self)
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://trainsplit.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:53:46 GMT
x-content-type-options
nosniff
age
542553
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 09:53:46 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://trainsplit.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 12:44:50 GMT
x-content-type-options
nosniff
age
532289
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 12:44:50 GMT
/
sentry.trainsplit.com/api/9/envelope/ 		2 B
225 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.trainsplit.com/api/9/envelope/?sentry_key=30a134ca37b2460a883919c5329d33ff&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.80.0
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/build/app.2a20cae8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.78.241.213 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
213.241.78.34.bc.googleusercontent.com
Software
sentry-relay/23.10.1 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://trainsplit.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 24 Nov 2023 16:36:19 GMT
server
sentry-relay/23.10.1
vary
origin, access-control-request-method, access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
content-length
2
/
beacon-v2.helpscout.net/ 		458 B
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon-v2.helpscout.net/
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/build/app.2a20cae8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-107.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d184781c0d327a53c3e9951aad72dd538518dc88ea6360215a3f2f6b174d4421

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:35:42 GMT
content-encoding
gzip
via
1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
42
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
328
last-modified
Tue, 21 Nov 2023 17:34:46 GMT
server
AmazonS3
etag
"36480c3a361b74a60837166ab15be86b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=120, s-maxage=120, public
accept-ranges
bytes
x-amz-cf-id
VHypEm5uFAWdfqBni2PbSqWu7n_Ycc3OySbYp_WMCiIGPlIFq4qUjg==
58ddf74911d0a70011b390a6.js
buttons-config.sharethis.com/js/ 		367 B
782 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/58ddf74911d0a70011b390a6.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6600:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32d3768ffb694e3b067911af70d4e10a23fe727657fce95c7ae09bf7057ac5c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:36:21 GMT
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 31 Mar 2017 06:38:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"c46f1087e4a279f3ccf13a8545c34e86"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
max-age=60,public
accept-ranges
bytes
content-length
367
x-amz-cf-id
LckKBoC-_nxx4RDwOr9R-exseRA_jpAK1fguD9jZiYiLKYEo60xEfg==
recaptcha__en.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 		465 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfyDgAVAAAAAPCX6GqTLqZTBFr_ZmUEROdYeDO_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://trainsplit.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:05:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190682
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Nov 2024 16:05:13 GMT
pview
l.sharethis.com/ 		0
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=trainsplit.com&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Ftrainsplit.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Split%20Ticketing%20with%20TrainSplit%20%7C%20Mobile%20App%20%7C%20Save%20up%20to%2090%25&cms=unknown&publisher=58ddf74911d0a70011b390a6&sop=true&version=st_sop.js&lang=en&description=TrainSplit%20compares%20routes%20%26%20fares%20to%20get%20the%20best%20value%20through%20split%20ticketing%20with%20no%20booking%20fee%20%26%20saving%20up%20to%2090%25&ua=&ua_mobile=false&ua_full_version_list=&uuid=cf21e7b3-2344-4ee8-9b8c-f0c33be3a8ba
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/build/app.2a20cae8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.113.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-113-109.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 24 Nov 2023 16:36:20 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://trainsplit.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
tcbc.png
trainsplit.com/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trainsplit.com/images/tcbc.png
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.32.183 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
183.32.214.35.bc.googleusercontent.com
Software
Class 800 IET /
Resource Hash
11975251896944f274f1d6c1df31bfc9c8705368583cac5032b4333f48bce5be
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:36:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 google
last-modified
Tue, 21 Nov 2023 17:18:59 GMT
server
Class 800 IET
etag
"2ca3-60aaccc5466c0"
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11427
vendor.69ce94b1.js
beacon-v2.helpscout.net/static/js/ 		51 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon-v2.helpscout.net/static/js/vendor.69ce94b1.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-107.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c376d148361f36809d62e7ad6274300a3ca246889d1bee927be6eadd12cbee9

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 14:41:41 GMT
content-encoding
gzip
via
1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
6882
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
17768
last-modified
Thu, 16 Nov 2023 11:35:02 GMT
server
AmazonS3
etag
"5080ce4e019c8c43fe25a97a8560a638"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
RTtbydnqo9acpvevGdZRcDa9aSbNKWpIPDj0jQVc7tGRQ9GIAg-DZQ==
main.b74ea755.js
beacon-v2.helpscout.net/static/js/ 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon-v2.helpscout.net/static/js/main.b74ea755.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-107.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eefc2a05bb172dce2d7ee12642354ca53027ada5a3dbe7aa65c8b8485e9861d5

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 14:41:41 GMT
content-encoding
gzip
via
1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
6882
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
12446
last-modified
Tue, 21 Nov 2023 17:34:47 GMT
server
AmazonS3
etag
"bf6966e8e39ff4f6190daef8c8c6b948"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
8EdGBautbLpsOKeREXwmLkqB9qYHo6-wh1DPkY-dvXR6GVEOERN_sQ==
full-beacon-init.201d6e38.chunk.js
beacon-v2.helpscout.net/static/js/ 		413 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon-v2.helpscout.net/static/js/full-beacon-init.201d6e38.chunk.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/static/js/main.b74ea755.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-107.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10ca09fa6f08ebbba87779d1ad0a67c5bbb9f6a940de180a588b9ba61bb6f78e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 15:36:38 GMT
content-encoding
gzip
via
1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
3598
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
119574
last-modified
Tue, 21 Nov 2023 17:34:47 GMT
server
AmazonS3
etag
"d0d9952ca775447a4bf6b400dac998c6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
nWH_4MxOSH864hDxO2PaC-0-VOfBm68SrYVNkVDqZ3mQsDhMKka6cw==
anchor
www.google.com/recaptcha/api2/ Frame 2095 		59 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfyDgAVAAAAAPCX6GqTLqZTBFr_ZmUEROdYeDO_&co=aHR0cHM6Ly90cmFpbnNwbGl0LmNvbTo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=tciaddov2q5l
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
06af6e53e259fe40213b9d322e457149f9ce218c9564dd82fb4cf3543ad49bb6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-J__CoIa8a_y-Q43G81AUSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-J__CoIa8a_y-Q43G81AUSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 16:36:20 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
150b00d7-d607-4aa7-92c0-95c3e73784ab
d3hb14vkzrxvla.cloudfront.net/v1/ 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d3hb14vkzrxvla.cloudfront.net/v1/150b00d7-d607-4aa7-92c0-95c3e73784ab
Requested by
Host: trainsplit.com
URL: https://trainsplit.com/build/app.2a20cae8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-26.fra56.r.cloudfront.net
Software
/
Resource Hash
279cb51d2d4c8c08e8c1dd2fc6d6e8b104ab45a3d50f6723b9bbbaacacff2d08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

correlationId
54e00d06-9fcd-40a3-8ec1-b8afefd2f036
Helpscout-Release
2.2.131
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Accept
application/json, text/plain, */*
Beacon-Device-ID
b09b93d6-2769-4dd8-909b-72f2384ffff7
Referer
Helpscout-Origin
Beacon-Embed

Response headers

date
Fri, 24 Nov 2023 16:36:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
x-ratelimit-remaining-identify-hour
25
x-ratelimit-limit-general-minute
60
x-ratelimit-remaining-conversations-hour
10
x-ratelimit-limit-identify-hour
25
x-ratelimit-remaining-chat-tokens-hour
25
x-ratelimit-limit-conversations-hour
10
x-ratelimit-limit-attachments-hour
10
vary
Origin,Access-Control-Request-Method
content-type
application/json
access-control-allow-origin
https://trainsplit.com
x-ratelimit-remaining-general-minute
60
access-control-expose-headers
Resource-ID
cache-control
max-age=300
access-control-allow-credentials
true
x-ratelimit-remaining-attachments-hour
10
x-amz-cf-id
yYc-sqSmq0DX2FC7nhkTHXcxOC4riUy7pHzvu6SRfzMcKwlKkM0esw==
x-ratelimit-limit-chat-tokens-hour
25
150b00d7-d607-4aa7-92c0-95c3e73784ab
d3hb14vkzrxvla.cloudfront.net/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d3hb14vkzrxvla.cloudfront.net/v1/150b00d7-d607-4aa7-92c0-95c3e73784ab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-26.fra56.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
beacon-device-id,correlationid,helpscout-origin,helpscout-release
Access-Control-Request-Method
GET
Origin
https://trainsplit.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
beacon-device-id, correlationid, helpscout-origin, helpscout-release
access-control-allow-methods
GET
access-control-allow-origin
https://trainsplit.com
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, PATCH
content-length
0
date
Fri, 24 Nov 2023 16:36:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin,Access-Control-Request-Method
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
x-amz-cf-id
c2bFPeBbXO3rguBWeWE43T72_m8fh2anyURysCRUP1sPADn6BD4VgA==
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
x-ratelimit-limit-attachments-hour
10
x-ratelimit-limit-chat-tokens-hour
25
x-ratelimit-limit-conversations-hour
10
x-ratelimit-limit-general-minute
60
x-ratelimit-limit-identify-hour
25
x-ratelimit-remaining-attachments-hour
10
x-ratelimit-remaining-chat-tokens-hour
25
x-ratelimit-remaining-conversations-hour
10
x-ratelimit-remaining-general-minute
60
x-ratelimit-remaining-identify-hour
25
styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 2095 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfyDgAVAAAAAPCX6GqTLqZTBFr_ZmUEROdYeDO_&co=aHR0cHM6Ly90cmFpbnNwbGl0LmNvbTo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=tciaddov2q5l
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:05:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Nov 2024 16:05:14 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 2095 		465 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfyDgAVAAAAAPCX6GqTLqZTBFr_ZmUEROdYeDO_&co=aHR0cHM6Ly90cmFpbnNwbGl0LmNvbTo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=tciaddov2q5l
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:05:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190682
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Nov 2024 16:05:13 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 2095 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 20:04:28 GMT
x-content-type-options
nosniff
age
333112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 27 Nov 2023 20:04:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2095 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfyDgAVAAAAAPCX6GqTLqZTBFr_ZmUEROdYeDO_&co=aHR0cHM6Ly90cmFpbnNwbGl0LmNvbTo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=tciaddov2q5l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:26:56 GMT
x-content-type-options
nosniff
age
61764
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Nov 2024 23:26:56 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2095 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfyDgAVAAAAAPCX6GqTLqZTBFr_ZmUEROdYeDO_&co=aHR0cHM6Ly90cmFpbnNwbGl0LmNvbTo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=tciaddov2q5l
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 21:01:27 GMT
x-content-type-options
nosniff
age
156893
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Nov 2024 21:01:27 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 2095 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfyDgAVAAAAAPCX6GqTLqZTBFr_ZmUEROdYeDO_&co=aHR0cHM6Ly90cmFpbnNwbGl0LmNvbTo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=tciaddov2q5l
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b62f36160407c81030404ab242125afd42fa0da6626ef11e5f406dda12acf144
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfyDgAVAAAAAPCX6GqTLqZTBFr_ZmUEROdYeDO_&co=aHR0cHM6Ly90cmFpbnNwbGl0LmNvbTo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=tciaddov2q5l
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:36:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 24 Nov 2023 16:36:20 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| webpackChunk object| SENTRY_RELEASE object| SENTRY_RELEASES object| componentHandler function| MaterialButton function| MaterialProgress function| MaterialSpinner function| MaterialTextfield object| firebaseui object| dialogPolyfill function| applyFocusVisiblePolyfill object| __SENTRY__ object| FontAwesomeConfig object| ___FONT_AWESOME___ object| dataLayer function| gtag function| $ function| jQuery string| firebase_project_id object| INSPBEventBus object| progressIndicator object| firebaseUiCallbacks object| firebaseUiConfig object| BeaconSessionData function| Beacon object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| beaconJsonp object| recaptcha object| closure_lm_298184 function| __onBeaconDestroy object| beaconStore object| __sentry_instrumentation_handlers__

2 Cookies

Domain/Path Name / Value
trainsplit.com/ Name: __Host-TrainSplit-SUID
Value: a6fd2d00-87b6-4ec0-8b1f-1fa1ca64ba58
trainsplit.com/ Name: __Host-TrainSplit_AB_useRecommendedResult
Value: false

13 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security error URL: https://trainsplit.com/
Message:
The source list for the Content Security Policy directive 'connect-src' contains an invalid source: 'https://railcards.*.trainsplit.com'. It will be ignored.
security error URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js(Line 48)
Message:
The source list for the Content Security Policy directive 'connect-src' contains an invalid source: 'https://railcards.*.trainsplit.com'. It will be ignored.
security error URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js(Line 22)
Message:
The source list for the Content Security Policy directive 'connect-src' contains an invalid source: 'https://railcards.*.trainsplit.com'. It will be ignored.
security error URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js(Line 22)
Message:
The source list for the Content Security Policy directive 'connect-src' contains an invalid source: 'https://railcards.*.trainsplit.com'. It will be ignored.
security error URL: https://beacon-v2.helpscout.net/static/js/vendor.69ce94b1.js
Message:
The source list for the Content Security Policy directive 'connect-src' contains an invalid source: 'https://railcards.*.trainsplit.com'. It will be ignored.
security error URL: https://beacon-v2.helpscout.net/static/js/vendor.69ce94b1.js
Message:
The source list for the Content Security Policy directive 'connect-src' contains an invalid source: 'https://railcards.*.trainsplit.com'. It will be ignored.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon-v2.helpscout.net
buttons-config.sharethis.com
d3hb14vkzrxvla.cloudfront.net
directus.trainsplit.com
fonts.googleapis.com
fonts.gstatic.com
l.sharethis.com
platform-api.sharethis.com
sentry.trainsplit.com
trainsplit.com
www.google.com
www.gstatic.com
13.32.23.26
13.32.27.7
143.204.215.107
2600:9000:206f:6600:c:abe:f440:93a1
2a00:1450:4001:806::200a
2a00:1450:4001:827::2013
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2003
3.120.113.109
34.78.241.213
35.214.32.183
006203fcb702866d0c045d84c8545b8e34f2786ce64afadcb7da4479f5b4c9a9
00afb4addff2c6c9933e4b42060ec7ace9b88722b5dfcc4671a3ea5bc4cee58e
051766f0df8c70094532a475068d8403640f136fadc13ce2122ab00580dfd6a6
053ebaffd4512d6dd320e37994c6308512ea70d8a206ede7fad84d610632d9d3
06af6e53e259fe40213b9d322e457149f9ce218c9564dd82fb4cf3543ad49bb6
0aeda0035a1c28d2000b2e12f8be2335913f4dc0bdcc61d3a1ea3c7e68c91cb9
10ca09fa6f08ebbba87779d1ad0a67c5bbb9f6a940de180a588b9ba61bb6f78e
10e211136b8025895dbd5e0b7a1d1cd4749b1f7fd5bd7715b252c8f489ab2738
11975251896944f274f1d6c1df31bfc9c8705368583cac5032b4333f48bce5be
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c376d148361f36809d62e7ad6274300a3ca246889d1bee927be6eadd12cbee9
2173d1929611fab07226a90533253d8608d7686392e50709a1703359e9c19450
247d4aa88bebb31246b6e211ee62752d5daac9d0311d462a3de228701bfc138a
279cb51d2d4c8c08e8c1dd2fc6d6e8b104ab45a3d50f6723b9bbbaacacff2d08
32d3768ffb694e3b067911af70d4e10a23fe727657fce95c7ae09bf7057ac5c0
3c8d8076eac2e7feb97773b682e2631ac21f8f794f8d0cfc83d97fe2de8928d3
3cfe790335dc4ff07f0f501fb361687f88edca78273d2424e0797457924462ea
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
449e2d8b37ae8b7cd0e922b7a32b6c8850527b2bb1e64d1a750551c5ba87c7dd
478730112f3c89e02ef435a56a0790cd59099b609d5dcd482c14aeffaf4fd63d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
4b7edbee4c1e7c0e0b6719d7299451b93ed46fc641dd02c303fb828f7edb16a0
4fd0df964729e14c98617f38ef8135e78d0ee5b351e5f2ba55d30ee090a07f9d
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
67f565f25c1bb8ae629cfca60c71766232073a0c905e0387e45895657b4ae3e7
73dbcb32957e733e9c9864425d912ad8d89c11710728e43769566f68f324634d
74eaa6df83b6edad986368238a890141cdf849edbec7eff948399018565a2893
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
79fec4d837cd798ad38ebb1ed7ba06f9a306dcd3bc17d6e98d4d9a28888514c3
7d18c995ef0c1cbfded9532441197edfccfae7c101eb32c1b979a5ddadbf8849
86e38fd358afa8a99b837f025c39c3f5f348b1f2e686e563758c9077d7affc31
8a1328f2d492ab3ff55a032b670c080747ee6850892c9f91921f2844384db1f1
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a8dbffdcc862d3abaeecfa4d7a1cb0e3f8b0aa458efd8bd94a00ae231c52f187
b0d049b819a74da03d4a77df7fc2db32087edbf22b8c1926ab6a40db3618b9b8
b16835a863fb225e857f154ccf23a5c2ad4a8a9f49e9168c4db77ba38b6580ab
b23080aab5f3281bc89de34d9ef28d928923d9efaea79e8aa9deef816698486a
b4e83b80405a18b3738c3de56a77b10ec3b4b6d68ab8cb0b90ad8fc8acb39665
b62f36160407c81030404ab242125afd42fa0da6626ef11e5f406dda12acf144
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4fc301e7625c6dbcf7edf28267cdb2f79cce45d1ac30c9db7e1241a74c2690d
d184781c0d327a53c3e9951aad72dd538518dc88ea6360215a3f2f6b174d4421
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62a75d1f5ee1c7c45056a8d4482cc55a903611902e2590f57ccb557967351dd
eefc2a05bb172dce2d7ee12642354ca53027ada5a3dbe7aa65c8b8485e9861d5
f6c72789b4be7183c5626eed5975d7c22403d4a8ceb73db591128f7fabdbe9c5