www.bahn.de Open in urlscan Pro
2a02:26f0:300::215:8538 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.bahn.de/
Effective URL:
https://www.bahn.de/
Submission: On May 08 via api (May 8th 2024, 10:47:41 pm UTC) from US — Scanned from DE

Summary HTTP 188 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 4 domains to perform 188 HTTP transactions. The main IP is 2a02:26f0:300::215:8538, located in Berlin, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.bahn.de. The Cisco Umbrella rank of the primary domain is 37697.
TLS certificate: Issued by R3 on March 13th 2024. Valid for: 3 months.

This is the only time www.bahn.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a02:26f0:300... 2a02:26f0:300::215:852a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
151	2a02:26f0:300... 2a02:26f0:300::215:8538	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
22	2a02:26f0:12d... 2a02:26f0:12d::b819:ef22	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2600:9000:20e... 2600:9000:20eb:4a00:c:198:5740:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:26f0:300... 2a02:26f0:300::215:8561	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:12d... 2a02:26f0:12d:59b::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2600:9000:275... 2600:9000:275d:c200:1b:1f8f:6780:93a1	16509 (AMAZON-02) (AMAZON-02)
188	7

1 2a02:26f0:300::215:852a (Berlin, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

151 2a02:26f0:300::215:8538 (Berlin, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a02:26f0:12d::b819:ef22 (Berlin, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.static-bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:20eb:4a00:c:198:5740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cms.static-bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:300::215:8561 (Berlin, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

accounts.bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:12d:59b::13b8 (Berlin, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:275d:c200:1b:1f8f:6780:93a1 (United States)

ASN16509 (AMAZON-02, US)

ucm-eu.verint-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
154	bahn.de 2 redirects www.bahn.de — Cisco Umbrella Rank: 37697 accounts.bahn.de — Cisco Umbrella Rank: 57883	1 MB
29	static-bahn.de assets.static-bahn.de — Cisco Umbrella Rank: 107380 cms.static-bahn.de — Cisco Umbrella Rank: 103566	717 KB
5	verint-cdn.com ucm-eu.verint-cdn.com — Cisco Umbrella Rank: 70145	55 KB
1	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 923	2 KB
188	4

	Domain	Requested by
152	www.bahn.de	1 redirects www.bahn.de cms.static-bahn.de
22	assets.static-bahn.de	www.bahn.de
7	cms.static-bahn.de	www.bahn.de cms.static-bahn.de
5	ucm-eu.verint-cdn.com	cms.static-bahn.de ucm-eu.verint-cdn.com
2	accounts.bahn.de	1 redirects www.bahn.de
1	cdn.optimizely.com	www.bahn.de
188	6

This site contains links to these domains. Also see Links.

Domain
int.bahn.de
bahn.de
www.deutschebahn.com
em2024.bahn.de
www.facebook.com
www.instagram.com
twitter.com
www.whatsapp.com
www.linkedin.com
karriere.deutschebahn.com
regional.bahn.de
bahnshop.de

Subject Issuer	Validity	Valid
www.bahn.de R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
subsites.bahn.de R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
cms.static-bahn.de Amazon RSA 2048 M02	`2023-09-23` - `2024-10-21`	a year	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
verint-cdn.com Amazon RSA 2048 M02	`2023-07-06` - `2024-08-04`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.bahn.de/
Frame ID: E22F086B64D45E5F5756636194FD4D43
Requests: 205 HTTP requests in this frame

Frame: https://www.bahn.de/.resources/bahn-common/webresources/storage/index.html
Frame ID: 6E6C14A26371E0C49D54B9490862C56B
Requests: 1 HTTP requests in this frame

Frame: https://www.bahn.de/.resources/bahn-common-light/webresources/assets/html/auth.v1.html
Frame ID: 165B81F798D492F80979202D8F2C44D1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DB Fahrplan, Auskunft, Tickets, informieren und buchen - Deutsche Bahn

Page URL History Show full URLs

http://www.bahn.de/ HTTP 307
https://www.bahn.de/ HTTP 307
http://www.bahn.de/ HTTP 301
https://www.bahn.de/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

vue[.-]([\d.]*\d)[^/]*\.js

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Page Statistics

188
Requests

99 %
HTTPS

100 %
IPv6

4
Domains

6
Subdomains

7
IPs

2
Countries

2169 kB
Transfer

4645 kB
Size

20
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://int.bahn.de/cs
Title: Český Sprache wechseln: Český

Search URL Search Domain Scan URL

URL: https://int.bahn.de/da
Title: Dansk Sprache wechseln: Dansk

Search URL Search Domain Scan URL

URL: https://int.bahn.de/en
Title: English Sprache wechseln: English

Search URL Search Domain Scan URL

URL: https://int.bahn.de/es
Title: Español Sprache wechseln: Español

Search URL Search Domain Scan URL

URL: https://int.bahn.de/fr
Title: Français Sprache wechseln: Français

Search URL Search Domain Scan URL

URL: https://int.bahn.de/it
Title: Italiano Sprache wechseln: Italiano

Search URL Search Domain Scan URL

URL: https://int.bahn.de/nl
Title: Nederlands Sprache wechseln: Nederlands

Search URL Search Domain Scan URL

URL: https://int.bahn.de/pl
Title: Polski Sprache wechseln: Polski

Search URL Search Domain Scan URL

URL: https://bahn.de/angebot/urlaub/bahnreisen/summerrail/europapark
Title: Die Bahn bringt Sie hin

Search URL Search Domain Scan URL

URL: https://www.deutschebahn.com/de
Title: DB ist Europa Wir feiern den Europamonat: Die DB steht für Toleranz und Demokratie, für Freiheit und Europa. Zu deutschebahn.com Weitere Informationen: DB ist Europa

Search URL Search Domain Scan URL

URL: https://em2024.bahn.de/
Title: UEFA EURO 2024™ 51 Spiele in 10 Städten: Mit der Bahn umweltfreundlich zu den Spielen. Mehr zur UEFA EURO 2024™ Weitere Informationen: UEFA EURO 2024™

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DBPersonenverkehr/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/dbpersonenverkehr/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/db_bahn
Title: X

Search URL Search Domain Scan URL

URL: https://www.whatsapp.com/channel/0029VaBfl1CE50UiAvrPvn0R
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/showcase/db-geschaeftsreisen/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://karriere.deutschebahn.com/karriere-de
Title: Jobs & Karriere Weitere Informationen: Jobs & Karriere

Search URL Search Domain Scan URL

URL: https://regional.bahn.de/
Title: regional.bahn.de Weitere Informationen: regional.bahn.de

Search URL Search Domain Scan URL

URL: https://bahnshop.de/
Title: Bahnshop Weitere Informationen: Bahnshop

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.bahn.de/ HTTP 307
https://www.bahn.de/ HTTP 307
http://www.bahn.de/ HTTP 301
https://www.bahn.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 179

https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/auth?redirect_uri=https%3A%2F%2Fwww.bahn.de%2F.resources%2Fbahn-common-light%2Fwebresources%2Fassets%2Fhtml%2Fauth.v1.html&client_id=kf_web&response_type=code&state=MniELkDUYM&scope=openid%20vendo&response_mode=fragment&prompt=none&code_challenge=mlBj88quaHwou4BoAJBdBmipLDr9p1ycRRWVKkaFG-4&code_challenge_method=S256 HTTP 302
https://www.bahn.de/.resources/bahn-common-light/webresources/assets/html/auth.v1.html

188 HTTP transactions
19 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.bahn.de/
Redirect Chain

http://www.bahn.de/
https://www.bahn.de/
http://www.bahn.de/
https://www.bahn.de/

63 KB
15 KB

228ms
154ms

Document
text/html

2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

86ef238beb68dc97f97be457bf5094542a89934da1adcd83115ab557bd99057a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=51
content-encoding: gzip
content-length: 13160
content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-type: text/html;charset=UTF-8
date: Wed, 08 May 2024 22:47:34 GMT
expires: Wed, 08 May 2024 22:48:25 GMT
last-modified: Wed, 08 May 2024 22:42:46 GMT
server-timing: intid;desc=0ff37e65a9296f95
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 0
Content-Security-Policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Date: Wed, 08 May 2024 22:47:34 GMT
Expires: Wed, 08 May 2024 22:47:34 GMT
Location: https://www.bahn.de/
Server: AkamaiGHost
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 asyncServices-91cbb27b.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 350 B
3 KB 85ms
79ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/asyncServices-91cbb27b.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

46ce05d42c0ace6157a2a88e54fee3c5de0527ba259f3964c650f4c0b8114e9c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Thu, 28 Mar 2024 09:15:49 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=2616318d31628b95
content-length: 219
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:34 GMT

GET
H2 200 auth-20b47a1a.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 157 KB
49 KB 86ms
81ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/auth-20b47a1a.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

56ddc25bbc65463a8d98984ac0d5d6e99605a38f0e5d49e4d8c66dac50496d60

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Tue, 07 May 2024 06:35:54 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=88a5a90b5a85736b
content-length: 47444
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:34 GMT

GET
H2 200 main-7a9cb2ac.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 242 KB
144 KB 176ms
171ms Stylesheet
text/css 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/main-7a9cb2ac.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7a9cb2ac70fc688da3e04d190491bedce59ba8e56dd750c85763962cc5b0e5ea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Mon, 22 Apr 2024 13:59:57 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=f1cb4d936df94daf
content-length: 144511
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:34 GMT

GET
H2 200 link-list-39a8afd2.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 1 KB
3 KB 302ms
296ms Stylesheet
text/css 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/link-list-39a8afd2.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

39a8afd2ac324ec8f3be4b639ff479708afe857427c8dbf74f9f62d553791bf2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Wed, 20 Mar 2024 09:47:30 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=e2625aa6b6564593
content-length: 302
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:34 GMT

GET
H2 200 slider-a1c1f1d9.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 9 KB
4 KB 304ms
299ms Stylesheet
text/css 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/slider-a1c1f1d9.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a1c1f1d901d7ce0576d7a7626b6262d032a6a9a746f255e3f5f7369fccfbaccd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Mon, 22 Apr 2024 13:59:57 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=8e8065f0579a1a19
content-length: 1526
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:34 GMT

GET
H2 200 teaser-slider-4c28619f.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 17 KB
5 KB 305ms
300ms Stylesheet
text/css 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/teaser-slider-4c28619f.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4c28619f0cf11535054788011fb543777442395592bb81944e3e857aab8c5294

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Tue, 07 May 2024 06:35:54 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=2d40f574f25fe1ef
content-length: 2425
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:34 GMT

GET
H2 200 content-teaser-f86b7533.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 5 KB
4 KB 308ms
303ms Stylesheet
text/css 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/content-teaser-f86b7533.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f86b7533b07ecafb472c3cdf573d1a052354eeed03d44e3e730cc63237b0444c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Tue, 07 May 2024 06:35:54 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=4407758d0db339a5
content-length: 1475
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:34 GMT

GET
H2 200 teaser-block-514e294b.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 3 KB
3 KB 309ms
305ms Stylesheet
text/css 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/teaser-block-514e294b.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

514e294bf4ee77e893266ece4b92cc59a3abd5b4845c654d2680a21bf4bd643d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Wed, 24 Apr 2024 14:05:24 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=30e67d340cf0a7ed
content-length: 924
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:34 GMT

GET
H2 200 highlight-icon-ebd2c53d.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 29 KB
10 KB 310ms
306ms Stylesheet
text/css 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/highlight-icon-ebd2c53d.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ebd2c53dc1e1739c079620657c5ac09d27d9772bb325b972d1db0f354774fb19

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Mon, 29 Jan 2024 21:43:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=9fbd985dd3e87b23
content-length: 8408
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:34 GMT

GET
H2 200 stage-marketing-f87dda9c.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 3 KB
3 KB 313ms
309ms Stylesheet
text/css 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/stage-marketing-f87dda9c.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f87dda9c669d99efeea2a967805a174e7c735f3b5fcc7e30d23b004e4728ddd3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Mon, 22 Apr 2024 13:59:57 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=e2a3e36c695dac37
content-length: 828
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:34 GMT

GET
H2 200 web-quickfinder-e80dcdfd.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 431 B
2 KB 315ms
311ms Stylesheet
text/css 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/web-quickfinder-e80dcdfd.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e80dcdfd8f76d76717c9191b4b8020e423cad538e903385737a1ec28843e2e47

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Mon, 22 Apr 2024 13:59:57 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=1b22481ac9b407e1
content-length: 182
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:34 GMT

GET
H2 200 alert-a319a38a.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 3 KB
3 KB 317ms
313ms Stylesheet
text/css 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/alert-a319a38a.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a319a38ae4886fc5462061ec503399e572c0625e2889ae06b580d944acc2964f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Mon, 22 Apr 2024 13:59:57 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=11a1f60d53fd9745
content-length: 1142
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:34 GMT

GET
H2 200 reactive-teaser-716bf759.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 5 KB
4 KB 318ms
314ms Stylesheet
text/css 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/reactive-teaser-716bf759.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

716bf759b8cd9cd168993e5b85ebff782757a5e893919af8ec9940bd114e75dd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Tue, 07 May 2024 06:35:54 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=dd8d49b6a6a3723d
content-length: 1361
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:34 GMT

GET
H2 200 co2-uhr-6e7a8d47.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 8 KB
4 KB 320ms
316ms Stylesheet
text/css 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/co2-uhr-6e7a8d47.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6e7a8d4782a14c78a36858186a2d8670332fd378b415323d6d584f82e57dbe14

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Mon, 22 Apr 2024 13:59:57 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=f386915bbc169eeb
content-length: 1573
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:34 GMT

GET
H2 200 business-338ea626.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 3 KB
3 KB 322ms
318ms Stylesheet
text/css 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/business-338ea626.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

338ea6262fda802bb8facff37e4961a3162ab8b896a75bbe226838da5f5cc0ff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Mon, 22 Apr 2024 13:59:57 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=e2a0f26beccb5e3d
content-length: 966
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:34 GMT

GET
H2 200 db-logo.svg
assets.static-bahn.de/dam/jcr:47b6ca20-95d9-4102-bc5a-6ebb5634f009/ 828 B
2 KB 301ms
162ms Image
image/svg+xml 2a02:26f0:12d::b819:ef22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/dam/jcr:47b6ca20-95d9-4102-bc5a-6ebb5634f009/db-logo.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:12d::b819:ef22 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

da1617a9a8adfeacee06c6271bcc53eb9017109ad3e1125488d676190dc5affe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; connect-src 'self' https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.secure.force.com; frame-ancestors 'self'; style-src 'self' https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; connect-src 'self' https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.secure.force.com; frame-ancestors 'self'; style-src 'self' https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de;
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
content-encoding: gzip
content-disposition: attachment; filename="db-logo.svg"
server-timing: intid;desc=ca14f38aee4ab8c9
content-length: 480
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 14:18:43 GMT
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: https://www.bahn.de
cache-control: public, max-age=2592000
expires: Fri, 07 Jun 2024 22:47:34 GMT

GET
H2 200 Mood-SP-EU-iloveeuropa-desktop2.jpg
assets.static-bahn.de/.imaging/focalpoint/1280x440/dam/jcr:7d693bb6-8f09-4b8c-801d-75bbff25f5a1/ 135 KB
137 KB 202ms
64ms Image
image/avif 2a02:26f0:12d::b819:ef22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/.imaging/focalpoint/1280x440/dam/jcr:7d693bb6-8f09-4b8c-801d-75bbff25f5a1/Mood-SP-EU-iloveeuropa-desktop2.jpg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:12d::b819:ef22 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

d2f58a2c768e5ad894a1cee0669cd37e34a837dbb9c20ee2136ace78274ff010

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;

X-Frame-Options

sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Tue, 07 May 2024 22:01:19 GMT
server: Akamai Image Manager
x-frame-options: sameorigin
content-type: image/avif
access-control-allow-origin: https://www.bahn.de
cache-control: private, no-transform, max-age=2502909
content-length: 137778
expires: Thu, 06 Jun 2024 22:02:43 GMT

GET
H2 200 quickfinder.C6_uf153.js Show response
www.bahn.de/web/assets/ 4 KB
2 KB 335ms
333ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/quickfinder.C6_uf153.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

912f72ef0e7d968042a4f734472209746b2cd56b4d0f1fb5cb49d88f6efa22d5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=d8f562d81770078c, intid;desc=d8f562d81770078c
content-length: 2129
x-xss-protection: 1; mode=block

GET
H2 200 common.sK8ln61i.js Show response
www.bahn.de/web/assets/ 140 KB
55 KB 336ms
334ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/common.sK8ln61i.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b40b563fca91e5d56d1e5301aac6b997c26840dd2708cd413ee11ff19f59e727

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Mon, 29 Apr 2024 11:06:10 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=2e1ee25b2556127b, intid;desc=2e1ee25b2556127b
content-length: 55592
x-xss-protection: 1; mode=block

GET
H2 200 superviseAssetLoading.FNcv3HJS.js Show response
www.bahn.de/web/assets/ 10 KB
5 KB 419ms
417ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4441d9d5d1f0a51d1311fe792fa8abd1b7ccfad1523d4e89799af9b3b72426a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=af55751b1251129d, intid;desc=af55751b1251129d
content-length: 4382
x-xss-protection: 1; mode=block

GET
H2 200 main.l0sNRNKZ.js Show response
www.bahn.de/web/assets/ 1 B
367 B 421ms
419ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/main.l0sNRNKZ.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
date: Wed, 08 May 2024 22:47:34 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
last-modified: Wed, 13 Mar 2024 10:21:00 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=9651eec7fdb3fd04, intid;desc=9651eec7fdb3fd04
content-length: 1
x-xss-protection: 1; mode=block

GET
H2 200 style.WPZAaDK4.css
www.bahn.de/web/assets/ 822 KB
146 KB 440ms
437ms Stylesheet
text/css 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/style.WPZAaDK4.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

265dcd2509dd48b16fca1aaedc51c9c82b5135691427d5019fb298cbadae695f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 22:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
last-modified: Mon, 06 May 2024 12:18:04 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=e0bd28f8721d37aa, intid;desc=e0bd28f8721d37aa
content-length: 148363
x-xss-protection: 1; mode=block

GET
H2 200 icon_ticket_bahncard.svg
assets.static-bahn.de/.imaging/focalpoint/560x280/dam/jcr:1170073b-b971-4517-9384-55b4891c2653/ 6 KB
4 KB 293ms
160ms Image
image/svg+xml 2a02:26f0:12d::b819:ef22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/.imaging/focalpoint/560x280/dam/jcr:1170073b-b971-4517-9384-55b4891c2653/icon_ticket_bahncard.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:12d::b819:ef22 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

143149f2ee19257377ea6a0b58d25f2e9fe32998540ef0b62a878254684a3741

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Wed, 26 Jul 2023 14:29:37 GMT
content-encoding: gzip
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: https://www.bahn.de
cache-control: public, max-age=2592000
server-timing: intid;desc=7a03e6f58870d2ad
content-length: 2276
x-xss-protection: 1; mode=block
expires: Fri, 07 Jun 2024 22:47:34 GMT

GET
H2 200 icon_travel_bahnbonus.svg
assets.static-bahn.de/.imaging/focalpoint/560x280/dam/jcr:f6f2d500-0273-4a00-8038-da20081d1cac/ 3 KB
3 KB 178ms
45ms Image
image/svg+xml 2a02:26f0:12d::b819:ef22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/.imaging/focalpoint/560x280/dam/jcr:f6f2d500-0273-4a00-8038-da20081d1cac/icon_travel_bahnbonus.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:12d::b819:ef22 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

633f9991eab769db4706b9e33dfb63a5ccb336271371493653ec1be2a29ed7a9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Sun, 01 Oct 2023 09:20:56 GMT
content-encoding: gzip
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: https://www.bahn.de
cache-control: public, max-age=2592000
server-timing: intid;desc=1b4149aeccc2097d
content-length: 1126
x-xss-protection: 1; mode=block
expires: Fri, 07 Jun 2024 22:47:34 GMT

GET
H2 200 icon_travel_poi-berlin-alternative.png
assets.static-bahn.de/.imaging/focalpoint/560x280/dam/jcr:fdf2ec66-fd23-4dc2-80a7-db38003adc36/ 4 KB
6 KB 298ms
165ms Image
image/avif 2a02:26f0:12d::b819:ef22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/.imaging/focalpoint/560x280/dam/jcr:fdf2ec66-fd23-4dc2-80a7-db38003adc36/icon_travel_poi-berlin-alternative.png

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:12d::b819:ef22 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

f2038322f044499999135b7fe0be268ce9a24d23dc1b7bb1c6e3f04d4b9c7bc2

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;

X-Frame-Options

sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Sun, 25 Feb 2024 13:12:36 GMT
server: Akamai Image Manager
x-serial: 1338
x-check-cacheable: YES
x-frame-options: sameorigin
content-type: image/avif
access-control-allow-origin: https://www.bahn.de
cache-control: private, no-transform, max-age=731665
content-length: 4307
expires: Fri, 17 May 2024 10:01:59 GMT

GET
H2 200 DB239784.jpg
assets.static-bahn.de/.imaging/focalpoint/640x320/dam/jcr:45d83942-e11c-46fe-8128-c45a642fa20e/ 27 KB
29 KB 298ms
166ms Image
image/avif 2a02:26f0:12d::b819:ef22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/.imaging/focalpoint/640x320/dam/jcr:45d83942-e11c-46fe-8128-c45a642fa20e/DB239784.jpg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:12d::b819:ef22 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

aa345cb347ef58f008d9e8780af8f74a5ca75338f22ae9c410bac246f3e5597e

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;

X-Frame-Options

sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Mon, 18 Mar 2024 08:03:42 GMT
server: Akamai Image Manager
x-serial: 1555
x-frame-options: sameorigin
content-type: image/avif
access-control-allow-origin: https://www.bahn.de
cache-control: private, no-transform, max-age=336893
content-length: 27252
expires: Sun, 12 May 2024 20:22:27 GMT

GET
H2 200 DB219730%202000x1000.jpg
assets.static-bahn.de/.imaging/focalpoint/640x320/dam/jcr:17d1ecf4-e113-42e6-809e-9f28f02f030d/ 18 KB
20 KB 143ms
142ms Image
image/avif 2a02:26f0:12d::b819:ef22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/.imaging/focalpoint/640x320/dam/jcr:17d1ecf4-e113-42e6-809e-9f28f02f030d/DB219730%202000x1000.jpg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:12d::b819:ef22 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

f3a42a7403c2993d0f0bfa86b2d6d55a11c0e3e6af1d2f496d6b775eeaaf9232

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Wed, 08 May 2024 08:16:40 GMT
server: Akamai Image Manager
x-serial: 251
x-frame-options: sameorigin
content-type: image/avif
access-control-allow-origin: https://www.bahn.de
cache-control: private, no-transform, max-age=2539688
content-length: 17958
expires: Fri, 07 Jun 2024 08:15:42 GMT

GET
H2 200 social-media-icons-5ae6c5fa.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 8 KB
5 KB 444ms
443ms Stylesheet
text/css 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/social-media-icons-5ae6c5fa.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5ae6c5fab9d3f0beef50b980ba992905dae3f2b813f36fd177e2eb52921a277a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Mon, 05 Feb 2024 18:59:40 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=f9f3fe50e3a00375
content-length: 3313
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:34 GMT

GET
H2 200 footer-image-bar-21839a74.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 2 KB
3 KB 449ms
447ms Stylesheet
text/css 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/footer-image-bar-21839a74.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

21839a7404f2f6c58da0e2eb4dd97153566ade111226822bc05813e05770cafa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Mon, 22 Apr 2024 13:59:57 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=53aa080c07310187
content-length: 481
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:34 GMT

GET
H2 200 paypal.svg
assets.static-bahn.de/dam/jcr:41560da4-1f88-47f5-be6a-6a8db627f24f/ 11 KB
7 KB 148ms
147ms Image
image/svg+xml 2a02:26f0:12d::b819:ef22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/dam/jcr:41560da4-1f88-47f5-be6a-6a8db627f24f/paypal.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:12d::b819:ef22 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e349f08ef2bbd0b0cbf65b912d0d1a9a6409253b7ab8e979473e0c3ce5deea07

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; connect-src 'self' https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; connect-src 'self' https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
content-encoding: gzip
content-disposition: attachment; filename="paypal.svg"
server-timing: intid;desc=ab8e85281605e24f
content-length: 4621
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Feb 2023 10:49:07 GMT
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: https://www.bahn.de
cache-control: public, max-age=2592000
expires: Fri, 07 Jun 2024 22:47:34 GMT

GET
H2 200 icon_action_credit-card_1z1_fix.svg
assets.static-bahn.de/dam/jcr:edff799a-7517-4bff-9655-e569cb1269d9/ 2 KB
3 KB 152ms
151ms Image
image/svg+xml 2a02:26f0:12d::b819:ef22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/dam/jcr:edff799a-7517-4bff-9655-e569cb1269d9/icon_action_credit-card_1z1_fix.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:12d::b819:ef22 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b61a0d1104a1e7143331130d523d2818cd93b466fbafd28034250ad09f7522

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
content-encoding: gzip
content-disposition: attachment; filename="icon_action_credit-card_1z1_fix.svg"
server-timing: intid;desc=1543e83e328edb91
content-length: 1156
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Dec 2023 12:07:29 GMT
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: https://www.bahn.de
cache-control: public, max-age=2592000
expires: Fri, 07 Jun 2024 22:47:34 GMT

GET
H2 200 icon_action_SEPA_1z1_fix.svg
assets.static-bahn.de/dam/jcr:0850a93d-94a7-4d9c-88b4-23735103fa58/ 4 KB
4 KB 158ms
157ms Image
image/svg+xml 2a02:26f0:12d::b819:ef22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/dam/jcr:0850a93d-94a7-4d9c-88b4-23735103fa58/icon_action_SEPA_1z1_fix.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:12d::b819:ef22 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8d5865f67a25e1a395c3acff873f8a053bf8e1ee45028fce3de94348d92c8705

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
content-encoding: gzip
content-disposition: attachment; filename="icon_action_SEPA_1z1_fix.svg"
server-timing: intid;desc=ccfa302a821eadf1
content-length: 1567
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Dec 2023 12:07:51 GMT
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: https://www.bahn.de
cache-control: public, max-age=2592000
expires: Fri, 07 Jun 2024 22:47:34 GMT

GET
H2 200 icon_action_giropay_1z1_fix.svg
assets.static-bahn.de/dam/jcr:65863c1f-5208-4136-9059-fa2be9eef038/ 7 KB
5 KB 159ms
159ms Image
image/svg+xml 2a02:26f0:12d::b819:ef22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/dam/jcr:65863c1f-5208-4136-9059-fa2be9eef038/icon_action_giropay_1z1_fix.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:12d::b819:ef22 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dfd2a379d47c84d2fb258a52c0dab620bccbb859e30d498946182208bbae2bc6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
content-encoding: gzip
content-disposition: attachment; filename="icon_action_giropay_1z1_fix.svg"
server-timing: intid;desc=eac2ef74902ae73f
content-length: 2793
x-xss-protection: 1; mode=block
last-modified: Tue, 06 Feb 2024 15:02:10 GMT
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: https://www.bahn.de
cache-control: public, max-age=2592000
expires: Fri, 07 Jun 2024 22:47:34 GMT

GET
H2 200 icon_action_apple-pay_1z1_fix.svg
assets.static-bahn.de/dam/jcr:bf72ae9d-3274-4e8a-af14-1b5d88ca5ae7/ 3 KB
4 KB 160ms
160ms Image
image/svg+xml 2a02:26f0:12d::b819:ef22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/dam/jcr:bf72ae9d-3274-4e8a-af14-1b5d88ca5ae7/icon_action_apple-pay_1z1_fix.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:12d::b819:ef22 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b76a5e8ca4f9a0e58f9eb8b3c80c47dd7cf499386bfd8078f4e842b712324a6f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
content-encoding: gzip
content-disposition: attachment; filename="icon_action_apple-pay_1z1_fix.svg"
server-timing: intid;desc=7089eff7c8ea7837
content-length: 1264
x-xss-protection: 1; mode=block
last-modified: Wed, 31 Jan 2024 11:04:08 GMT
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: https://www.bahn.de
cache-control: public, max-age=2592000
expires: Fri, 07 Jun 2024 22:47:34 GMT

GET
H2 200 scripts-1f757195.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 58 KB
22 KB 421ms
420ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-1f757195.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

375cdec0891e3305dd9576e70d3faf2a2dac3a3b31dff5f9a18d266f1d62160b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Tue, 07 May 2024 06:35:54 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=916f3447f62c6823
content-length: 19738
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:34 GMT

GET
H2 200 chunk-KYHCSOBP-52cc5312.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 20 KB
10 KB 253ms
252ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/chunk-KYHCSOBP-52cc5312.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e305d77ed7a06fbad0cab87fd095f513526e28a7c99e3859e2c444de4753d8c3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/auth-20b47a1a.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Fri, 26 Apr 2024 14:35:53 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=6ab96e1ccca870df
content-length: 7938
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:34 GMT

GET
H2 200 initUserContextService-c9dd429b.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 81 KB
27 KB 255ms
254ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/initUserContextService-c9dd429b.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

aa003146314e833d98e6960fc6f1da38870c720ea6ea87e22082be760706dc8e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/auth-20b47a1a.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Thu, 28 Mar 2024 09:15:49 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=ab21c486c0bf251f
content-length: 25403
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:34 GMT

GET
H2 200 vid-a25d5418.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 9 KB
6 KB 260ms
259ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/vid-a25d5418.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

90a753324cb9928cffea4988e539d2ea6e3819e967f222046a2f636a13f5bd9a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/auth-20b47a1a.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Tue, 07 May 2024 06:35:54 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=60194e5fad7dea7f
content-length: 4188
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:34 GMT

GET
H2 200 isGkAdmin-e73cd075.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 632 B
3 KB 265ms
264ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/isGkAdmin-e73cd075.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

00c79bb45f16f5ed4acb22b39a2827c0e6ed8c2bf46859136d1a7fc2b9841fea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/auth-20b47a1a.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Fri, 26 Apr 2024 14:35:53 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=5cce40fd8a8b19c1
content-length: 401
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:34 GMT

GET
H2 200 chunk-M3V43RYW-68f10927.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 147 B
2 KB 267ms
266ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/chunk-M3V43RYW-68f10927.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

220b416e922cf74f723ea3d607444f68e8237d0d5bebe2792b983afa53a2f0d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/auth-20b47a1a.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Thu, 28 Mar 2024 09:15:49 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=a7d6cd9d8637e481
content-length: 152
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:34 GMT

GET
DATA 200
OK truncated
/ 364 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0c58646f6d51cae4b6a321a4cda8506061527ec8ed23b7bd6ecf3467e99a0e4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 455 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80da003d8010021f3babdeafc674e173263d44a224d742b2499ea57e5ef09b19

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 35 KB
35 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8086f37b2fef5219c0b43c66e419e6e1825aabd68be129ed32a07ed15a5a594b

Request headers

Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 45 KB
45 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc25addd219ee127babf8f983627baefcceb59f88331ca84d393b9fc619c5e7e

Request headers

Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 47 KB
47 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5584fe2257cfa5c4adb5512df868b82272393a03b87f977730f8084b5c393e2c

Request headers

Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
H2 200 initTracking-43df5d53.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 11 KB
7 KB 86ms
86ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/initTracking-43df5d53.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8edb1db5aaee3ed9a0dc9d75057798d926271da0af1dc716d96018c2e11c158d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-1f757195.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Fri, 26 Apr 2024 14:35:53 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=465d67218e7b4997
content-length: 4553
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:35 GMT

GET
DATA 200
OK truncated
/ 516 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a60a6064ac1724bb0abd0c82cc440ed072cb972ec5262430b5b42c7c859d37d1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 208 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a30e6d88034ba9769cf08be9b3069814dfaf577fde4ad1d887b54abc2cdae057

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 548 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e2fb2fa919688694a9e78981ffe2471094402e3e4b7918038f3eef7e9b07bd5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 385b89f7813e4dbf690ea1864d81549e33592c4e36c1f78de6b929cf7b8dfc66

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 502 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bae8bf6467be2976864f9c450716c1b96536fc2bcaacab3fd5685d9a02684f6d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b432b7ab78b80c49e0893b5e1fb1c59a4a3341553f9617b628b34efcab3cff4c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a217d4782d409d6a264908367f91ebed4ccd62d8e7a645b68eda7c09e4ab49c9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 AppWithErrorHandler.BwVKH373.js Show response
www.bahn.de/web/assets/ 31 KB
12 KB 95ms
69ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/AppWithErrorHandler.BwVKH373.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e559ae34f073280668b0fac759df52e7584129f374ee60746a287f58cc12d4c8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=415a303e78cdbed8, intid;desc=415a303e78cdbed8
content-length: 11826
x-xss-protection: 1; mode=block

GET
H2 200 useVeeValidate.BC9TfE0L.js Show response
www.bahn.de/web/assets/ 27 KB
9 KB 115ms
88ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/useVeeValidate.BC9TfE0L.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

004967ab6f2dd731073b766dfb6851a8d53e426caf6b1742f1e76efaed342886

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:04 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=b2caa0b9b9ac30b9, intid;desc=b2caa0b9b9ac30b9
content-length: 9230
x-xss-protection: 1; mode=block

GET
H2 200 vee-validate.esm.CBZTmQQd.js Show response
www.bahn.de/web/assets/ 38 KB
13 KB 116ms
90ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/vee-validate.esm.CBZTmQQd.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

51d8ab5fac5605bfcfc3ba4693985faa28e54b8c9a183c76bc4428bd50ea6d4b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 29 Apr 2024 11:06:10 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=073721ac862c1c71, intid;desc=073721ac862c1c71
content-length: 13330
x-xss-protection: 1; mode=block

GET
H2 200 DiagnosticsService.bWYuJAm0.js Show response
www.bahn.de/web/assets/ 76 KB
29 KB 96ms
69ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DiagnosticsService.bWYuJAm0.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

373a2b8e9bfaf125d489f8ca800ee9ac6176143c86c406fcb2405b35334be414

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=ea7e1e8a741be853, intid;desc=ea7e1e8a741be853
content-length: 29587
x-xss-protection: 1; mode=block

GET
H2 200 ValidationRules.eqET5L3p.js Show response
www.bahn.de/web/assets/ 2 KB
968 B 116ms
90ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/ValidationRules.eqET5L3p.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3560a5fb67a08c7c7ad059b361447ae57b4ac76d25de42f80dc09f9c6945ccca

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Wed, 13 Mar 2024 10:21:00 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=040dde401b710478, intid;desc=040dde401b710478
content-length: 582
x-xss-protection: 1; mode=block

GET
H2 200 common.CQ5_n4pE.js Show response
www.bahn.de/web/assets/ 295 KB
85 KB 117ms
91ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/common.CQ5_n4pE.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6f2d3708586e94b4ffe4949dd601067202e0f96ee3a374d10dc52e9ab23dae6d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=b212f4392360c184, intid;desc=b212f4392360c184
content-length: 86654
x-xss-protection: 1; mode=block

GET
H2 200 DateFormatsForPresentation.CiIF7hZH.js Show response
www.bahn.de/web/assets/ 762 B
710 B 125ms
100ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DateFormatsForPresentation.CiIF7hZH.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3a76f0f1844df1599be4e4dc80baf0d0e3da35efc055240baf5b664fc154977d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Thu, 21 Mar 2024 09:17:49 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=d2155ccd3b6cab39, intid;desc=d2155ccd3b6cab39
content-length: 324
x-xss-protection: 1; mode=block

GET
H2 200 index.DAo6rDNw.js Show response
www.bahn.de/web/assets/ 10 KB
3 KB 126ms
101ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/index.DAo6rDNw.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f869b9fdde669c6405c2fd97db45b3cd38dd47e58aa55ffc5669053856cdce9d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:04 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=bbbe1a7a7632e785, intid;desc=bbbe1a7a7632e785
content-length: 2920
x-xss-protection: 1; mode=block

GET
H2 200 DBWebMessageBarContent.vue.n0FmmhJt.js Show response
www.bahn.de/web/assets/ 3 KB
2 KB 126ms
101ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebMessageBarContent.vue.n0FmmhJt.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dd7e7c1a5eaab70a889019d8cd88d751a80c9350738d0fbbf46b08d2a1899afa

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:04 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=6bcf32961c0c1a40, intid;desc=6bcf32961c0c1a40
content-length: 1503
x-xss-protection: 1; mode=block

GET
H2 200 MessageBarLevel.NA7SiRO2.js Show response
www.bahn.de/web/assets/ 279 B
589 B 126ms
101ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/MessageBarLevel.NA7SiRO2.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d131fe598551c93fc807718be8464d5600ebd0cc80cb4b2a468867cc6e8e76a2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Wed, 13 Mar 2024 10:21:00 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=8b214b3ba1e54b65, intid;desc=8b214b3ba1e54b65
content-length: 202
x-xss-protection: 1; mode=block

GET
H2 200 IconsEnum.BwThUe-n.js Show response
www.bahn.de/web/assets/ 6 KB
3 KB 169ms
144ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/IconsEnum.BwThUe-n.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

25b446bf901432eefb4047afd6a4a27165e3526f8e3b3e5f69ad29024813940a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Thu, 11 Apr 2024 10:18:17 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=f82cd568de5561a8, intid;desc=f82cd568de5561a8
content-length: 2597
x-xss-protection: 1; mode=block

GET
H2 200 useDBWebSnackbar.CGXn_1BJ.js Show response
www.bahn.de/web/assets/ 216 B
584 B 170ms
145ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/useDBWebSnackbar.CGXn_1BJ.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c28453dbea601b3c76b8498085f92b614d19362c22ba1f27023a02b978d10d70

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=96272df8f99a0b1b, intid;desc=96272df8f99a0b1b
content-length: 196
x-xss-protection: 1; mode=block

GET
H2 200 injectOrThrow.DmWNbqTJ.js Show response
www.bahn.de/web/assets/ 340 B
653 B 171ms
146ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/injectOrThrow.DmWNbqTJ.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a1ec4c402d6fc597a0760fee2dbf3365a1fc14e026222d265607ed458da07e3e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=1012e0cfa9419727, intid;desc=1012e0cfa9419727
content-length: 267
x-xss-protection: 1; mode=block

GET
H2 200 useDBWebDialog.CdU1YxSk.js Show response
www.bahn.de/web/assets/ 214 B
583 B 171ms
147ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/useDBWebDialog.CdU1YxSk.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8748ba4fb85bb50d55ea83d11395be03d76f9f6f2e9a029f13efaa63099f8d69

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=8611eabce5e39401, intid;desc=8611eabce5e39401
content-length: 197
x-xss-protection: 1; mode=block

GET
H2 200 TabTrapDirective.dzf1WsgZ.js Show response
www.bahn.de/web/assets/ 1 KB
1015 B 172ms
148ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/TabTrapDirective.dzf1WsgZ.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2a45893c7b6806665477b7530618bfeb57bafe65efe22af8e76e86d6dd86f2cd

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:04 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=ceda13823fc14038, intid;desc=ceda13823fc14038
content-length: 629
x-xss-protection: 1; mode=block

GET
H2 200 KeyCode.Ce7l9Lq7.js Show response
www.bahn.de/web/assets/ 223 B
569 B 172ms
140ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/KeyCode.Ce7l9Lq7.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7aed557141c727f4fe2aef5da1db65af23b6aa141ba34af7c9e3e30bef269a3f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Wed, 13 Mar 2024 10:21:00 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=b0f64086d85fb395, intid;desc=b0f64086d85fb395
content-length: 182
x-xss-protection: 1; mode=block

GET
H2 200 enrichGlobalErrorWithLogData.DWFy2Q_2.js Show response
www.bahn.de/web/assets/ 12 KB
5 KB 172ms
141ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/enrichGlobalErrorWithLogData.DWFy2Q_2.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fd53ef283f7382e7b9dfea79e1815d9456979d52efe05f942f51741c29b01443

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=c6125a7a4e304202, intid;desc=c6125a7a4e304202
content-length: 4916
x-xss-protection: 1; mode=block

GET
H2 200 chunk-DTHKBJTK.DFfCXeP4.js Show response
www.bahn.de/web/assets/ 239 B
543 B 173ms
141ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/chunk-DTHKBJTK.DFfCXeP4.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bab9a90d183e8a4e919ac8909444e208bf7b064c8374de3e4625b27067e5ac61

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Wed, 13 Mar 2024 10:21:00 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=eab505f9ca74d544, intid;desc=eab505f9ca74d544
content-length: 155
x-xss-protection: 1; mode=block

GET
H2 200 pushPageLoadEventsIntoDataLayer.C8iHTEV6.js Show response
www.bahn.de/web/assets/ 4 KB
2 KB 173ms
142ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/pushPageLoadEventsIntoDataLayer.C8iHTEV6.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

edec089a1a2210a73e489c702936ae7f5cc480ee0bfdf09403ffd85f430622bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=49b91bc071a176c7, intid;desc=49b91bc071a176c7
content-length: 1497
x-xss-protection: 1; mode=block

GET
H2 200 DBWebLinkTarget.CYTlGHoa.js Show response
www.bahn.de/web/assets/ 49 B
452 B 174ms
143ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebLinkTarget.CYTlGHoa.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b7b9dbe5bf7f45efceda6277e79783f1a3bb3a1812171a9e4bbbfbecb7a22ffa

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Wed, 13 Mar 2024 10:21:00 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=ffef8ac234da3bc1, intid;desc=ffef8ac234da3bc1
content-length: 67
x-xss-protection: 1; mode=block

GET
H2 200 DBWebLink.vue.BsmMI03T.js Show response
www.bahn.de/web/assets/ 3 KB
2 KB 174ms
144ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebLink.vue.BsmMI03T.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f4a6283ade3ba1e9300f5a9bc9593c32f246ad33adaa33011422c668b89db486

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=c03d078bcc88eadd, intid;desc=c03d078bcc88eadd
content-length: 1538
x-xss-protection: 1; mode=block

GET
H2 200 DBWebActionResult.vue.BGJgXTzj.js Show response
www.bahn.de/web/assets/ 1 KB
972 B 174ms
144ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebActionResult.vue.BGJgXTzj.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8fd8c3260ca4a8bf8523489dc6aa2bd71461129b8cb3e5f83e1d147a962fed39

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=32a7303c0700844b, intid;desc=32a7303c0700844b
content-length: 586
x-xss-protection: 1; mode=block

GET
H2 200 DBWebPicture.vue.B5OicIkD.js Show response
www.bahn.de/web/assets/ 2 KB
1 KB 174ms
145ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebPicture.vue.B5OicIkD.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

95f9be4ee6ea59c275929d62878515273ee7162920a46a10cccaf46b8f8da07d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=8a2b5b98620e2874, intid;desc=8a2b5b98620e2874
content-length: 827
x-xss-protection: 1; mode=block

GET
H2 200 isSlotFilled.C1jjGpSL.js Show response
www.bahn.de/web/assets/ 441 B
643 B 174ms
146ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/isSlotFilled.C1jjGpSL.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2a24228bfdb093197e68e3b3753a1a880281c1b59625769aa0f09abe62e8c2a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Wed, 13 Mar 2024 10:21:00 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=a0554b48dba6f739, intid;desc=a0554b48dba6f739
content-length: 255
x-xss-protection: 1; mode=block

GET
H2 200 DBWebIconMessage.vue.LvRUY7Rr.js Show response
www.bahn.de/web/assets/ 2 KB
1 KB 175ms
146ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebIconMessage.vue.LvRUY7Rr.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c63a931c0e0e324e65626ddcced4219bc85111d5c99d0fec9fa83b8825cac3fb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=8007a2a08ae58382, intid;desc=8007a2a08ae58382
content-length: 894
x-xss-protection: 1; mode=block

GET
H2 200 CssAlignment.CGAsdcvJ.js Show response
www.bahn.de/web/assets/ 126 B
517 B 175ms
147ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/CssAlignment.CGAsdcvJ.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

01efa399098291b179fd194e4f65ae66d579b3e29c8c513dc636964c70e4fdf8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Wed, 13 Mar 2024 10:21:00 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=a81f168cd9dbb507, intid;desc=a81f168cd9dbb507
content-length: 130
x-xss-protection: 1; mode=block

GET
H2 200 es.string.trim.nafRbypt.js Show response
www.bahn.de/web/assets/ 749 B
1 KB 175ms
148ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/es.string.trim.nafRbypt.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a5336d82ab214d113e6bd0ba2794ae62eaf283a6bc39c6c7cc4a1baca224e661

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
date: Wed, 08 May 2024 22:47:35 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
last-modified: Mon, 29 Apr 2024 11:06:10 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=2ca413e98f7dfafb, intid;desc=2ca413e98f7dfafb
content-length: 749
x-xss-protection: 1; mode=block

GET
H2 200 createQuickfinderApp.Cqx_QVy3.js Show response
www.bahn.de/web/assets/ 5 KB
3 KB 175ms
148ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/createQuickfinderApp.Cqx_QVy3.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6f24a5497631c6bb99fae9e1451083458a26b3b254bf6363dc0ae7d452331ef1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=224a704fc2c1dd6e, intid;desc=224a704fc2c1dd6e
content-length: 2442
x-xss-protection: 1; mode=block

GET
H2 200 abTestingServiceKey.BtK6dDUi.js Show response
www.bahn.de/web/assets/ 100 KB
31 KB 174ms
149ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/abTestingServiceKey.BtK6dDUi.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cf34841538378b7921bc20edf8729ccd1089e6c1cfd52b0555d23c64be50d1b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=6a8a1295478d7a27, intid;desc=6a8a1295478d7a27
content-length: 31014
x-xss-protection: 1; mode=block

GET
H2 200 QuickFinderApp.9o6Fp6ZG.js Show response
www.bahn.de/web/assets/ 2 KB
1 KB 176ms
151ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/QuickFinderApp.9o6Fp6ZG.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8ae6c6ea455ff9ce56e7fb2200240a9ab9a6a49b7cc19df1f51669ae3c4185a8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=02d8516b79bfe50e, intid;desc=02d8516b79bfe50e
content-length: 1090
x-xss-protection: 1; mode=block

GET
H2 200 QuickFinder.CAh6DWSW.js Show response
www.bahn.de/web/assets/ 263 KB
78 KB 177ms
152ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/QuickFinder.CAh6DWSW.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

04b55c1084ea7cb15f8e38d40927d2403f368f3ccee6facebd3d2ceb8579672d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:04 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=2ad0479606ad3526, intid;desc=2ad0479606ad3526
content-length: 79806
x-xss-protection: 1; mode=block

GET
H2 200 DBWebTransitionScaleOut.vue.DxVAgvEJ.js Show response
www.bahn.de/web/assets/ 1 KB
1 KB 185ms
160ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebTransitionScaleOut.vue.DxVAgvEJ.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

edf94f19f202c505f9427d440a197c0f989994cca0a873aff1ffcdeeb9f52b6a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=5de2c8924e21341f, intid;desc=5de2c8924e21341f
content-length: 753
x-xss-protection: 1; mode=block

GET
H2 200 ClickOutsideDirective.C43NH23H.js Show response
www.bahn.de/web/assets/ 754 B
841 B 198ms
174ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/ClickOutsideDirective.C43NH23H.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ff5f844f63356d67d95c505ca673f7fc0d6e9443cb816cd5fc08e53703df9a2b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Wed, 13 Mar 2024 10:21:00 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=dd2512632cfa57a8, intid;desc=dd2512632cfa57a8
content-length: 455
x-xss-protection: 1; mode=block

GET
H2 200 chunk-HSXCYZMJ.YV1mKXg2.js Show response
www.bahn.de/web/assets/ 25 KB
6 KB 185ms
161ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/chunk-HSXCYZMJ.YV1mKXg2.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

652ad7f468f93d43326e59a022055342bc1ca44808c995bea48ee851eade67c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:04 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=5fecbf3c0cdd35e8, intid;desc=5fecbf3c0cdd35e8
content-length: 5655
x-xss-protection: 1; mode=block

GET
H2 200 chunk-XYWE3BZH.n91lw_s9.js Show response
www.bahn.de/web/assets/ 206 B
573 B 198ms
175ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/chunk-XYWE3BZH.n91lw_s9.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d7de0a29a1e43569614f34623cf022cd3e4ccb7d4468c918c1b7e48e0494ecc6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=27f774760e81f1c8, intid;desc=27f774760e81f1c8
content-length: 187
x-xss-protection: 1; mode=block

GET
H2 200 duration.filter.ChHINRZf.js Show response
www.bahn.de/web/assets/ 1 KB
1 KB 185ms
162ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/duration.filter.ChHINRZf.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c5f6069240f95b88827d5b71689ed78819fd93c273e69f08fd0332ba3692efdf

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=c8422654e19c8719, intid;desc=c8422654e19c8719
content-length: 639
x-xss-protection: 1; mode=block

GET
H2 200 addSeconds.BooJ_4rV.js Show response
www.bahn.de/web/assets/ 189 B
565 B 185ms
162ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/addSeconds.BooJ_4rV.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

529f6f9ba1053e1105749bc113e0e86d5417818ee2f7ae901d831cceeeb8d637

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:04 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=cd482788760a7e9e, intid;desc=cd482788760a7e9e
content-length: 179
x-xss-protection: 1; mode=block

GET
H2 200 differenceInMilliseconds.iL6JUpHJ.js Show response
www.bahn.de/web/assets/ 307 B
643 B 186ms
163ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/differenceInMilliseconds.iL6JUpHJ.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

76c345052452f884322c0636936cdf5d1c11cadce6bb4277d21c16917d554387

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=2f6ad76047518960, intid;desc=2f6ad76047518960
content-length: 255
x-xss-protection: 1; mode=block

GET
H2 200 addHours.CBB6IPuF.js Show response
www.bahn.de/web/assets/ 193 B
566 B 186ms
163ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/addHours.CBB6IPuF.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

879ad41fe324132d417ec981c236357c073d0f2700d40e2be0a5563952c6c401

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=c6ae4b3bb50e6c6f, intid;desc=c6ae4b3bb50e6c6f
content-length: 181
x-xss-protection: 1; mode=block

GET
H2 200 chunk-GOAMF7IW.BDvq9oF_.js Show response
www.bahn.de/web/assets/ 331 B
637 B 186ms
164ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/chunk-GOAMF7IW.BDvq9oF_.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d13b72b65d430069f487c0b543168b4a461226c247284d4a4f74bbcd06265b2f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=c2df87a6026f068f, intid;desc=c2df87a6026f068f
content-length: 252
x-xss-protection: 1; mode=block

GET
H2 200 useUserContext.B8uBZMY_.js Show response
www.bahn.de/web/assets/ 479 B
686 B 197ms
175ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/useUserContext.B8uBZMY_.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

014c0f1b026c611b5681e75f531da9deba799fbca1327049fb85e37b3dc3caa4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=89c83c746e4690ea, intid;desc=89c83c746e4690ea
content-length: 301
x-xss-protection: 1; mode=block

GET
H2 200 DBWebSwitch.vue_vue_type_script_setup_true_lang.B4y6dzWP.js Show response
www.bahn.de/web/assets/ 1 KB
1023 B 185ms
164ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebSwitch.vue_vue_type_script_setup_true_lang.B4y6dzWP.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

173443422d73fc3154ad5f94f6d32d2050face316e65084b1fe18fe31721df62

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=868f87997e98eaff, intid;desc=868f87997e98eaff
content-length: 635
x-xss-protection: 1; mode=block

GET
H2 200 DBWebSwitchList.BhYFp8ml.js Show response
www.bahn.de/web/assets/ 3 KB
2 KB 197ms
176ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebSwitchList.BhYFp8ml.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a55e2ac9fba134d313f28d7b7c229fc100b34406dae3951f6459b5e1de8bb492

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=bf91c88acc273e9a, intid;desc=bf91c88acc273e9a
content-length: 1411
x-xss-protection: 1; mode=block

GET
H2 200 DBWebTooltip.vue.CEolpeqg.js Show response
www.bahn.de/web/assets/ 23 KB
9 KB 197ms
177ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebTooltip.vue.CEolpeqg.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a331c090244f7164c5dd3ee9c40ea596093064c87a6a4c2f7cf7abf81fcc1f92

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=80783bca7f854f9e, intid;desc=80783bca7f854f9e
content-length: 9265
x-xss-protection: 1; mode=block

GET
H2 200 purify.es.B34UM_dG.js Show response
www.bahn.de/web/assets/ 21 KB
9 KB 198ms
176ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/purify.es.B34UM_dG.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0cef0a9b83051ef44ae89fb695fdeacab7328784d18c9ff86adad485f80cf408

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Wed, 17 Apr 2024 07:33:09 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=afc96ab1abad39e8, intid;desc=afc96ab1abad39e8
content-length: 8523
x-xss-protection: 1; mode=block

GET
H2 200 DBWebAccordionGroup.vue.DM1BNHAN.js Show response
www.bahn.de/web/assets/ 2 KB
1 KB 199ms
176ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebAccordionGroup.vue.DM1BNHAN.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8d0e87a4300fddf79fe78665c5ac1822beb06803ea14e5a697eba36975766c7d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=d36dcf46038480b1, intid;desc=d36dcf46038480b1
content-length: 865
x-xss-protection: 1; mode=block

GET
H2 200 ButtonOverlayController.BkiLRTCa.js Show response
www.bahn.de/web/assets/ 6 KB
3 KB 199ms
177ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/ButtonOverlayController.BkiLRTCa.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b61d3eb82c569582d5a2a5347397b81cd9b5412eeb8821ab08c76fa290937ffc

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:04 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=49e3980b0dd4604b, intid;desc=49e3980b0dd4604b
content-length: 2327
x-xss-protection: 1; mode=block

GET
H2 200 ButtonOverlayBodyContainer.T7mkoS6e.js Show response
www.bahn.de/web/assets/ 8 KB
4 KB 199ms
177ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/ButtonOverlayBodyContainer.T7mkoS6e.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

06cf824673d5888d09c47f0097680a07ccd568ba3f9f636dd4b1addf612a4d55

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=aadd29a3ba41b7c3, intid;desc=aadd29a3ba41b7c3
content-length: 3305
x-xss-protection: 1; mode=block

GET
H2 200 toNumber.ChWXte_t.js Show response
www.bahn.de/web/assets/ 747 B
885 B 184ms
163ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/toNumber.ChWXte_t.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d4a12bfe11a7d7d3583f434e8c94c6bb9ccb7a1f2421e45d32f5de9ec0c40467

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=152d99b5d842dbd0, intid;desc=152d99b5d842dbd0
content-length: 497
x-xss-protection: 1; mode=block

GET
H2 200 isSymbol.xIXKgzsG.js Show response
www.bahn.de/web/assets/ 256 B
608 B 198ms
178ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/isSymbol.xIXKgzsG.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7526eddf42c1e1ae73b612e013d5bfc9969fb9bc0b294069fd46a9648c864166

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=541691348b4fa77d, intid;desc=541691348b4fa77d
content-length: 221
x-xss-protection: 1; mode=block

GET
H2 200 ScrollService.Bor_eyRs.js Show response
www.bahn.de/web/assets/ 2 KB
1 KB 198ms
178ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/ScrollService.Bor_eyRs.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa6ad67c6f74af5e89f3b43dcb2c7eaf2c3051e2150787f66ccd5d3d594bea39

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Wed, 13 Mar 2024 10:21:00 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=2d6809ab68c670f1, intid;desc=2d6809ab68c670f1
content-length: 734
x-xss-protection: 1; mode=block

GET
H2 200 convertPixelToRem.BViWfW1N.js Show response
www.bahn.de/web/assets/ 181 B
559 B 199ms
179ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/convertPixelToRem.BViWfW1N.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

67607fb6eb08f13f65d4f9ce0e2f5905b1d89342ebc1c4cc5db9e9ca3bd7e488

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 29 Apr 2024 11:06:10 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=7b5181f199ccc61b, intid;desc=7b5181f199ccc61b
content-length: 173
x-xss-protection: 1; mode=block

GET
H2 200 HinRueckTabBar.vue_vue_type_script_setup_true_lang.YA3g6D71.js Show response
www.bahn.de/web/assets/ 743 B
1 KB 198ms
179ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/HinRueckTabBar.vue_vue_type_script_setup_true_lang.YA3g6D71.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

258918f5b1303525ef92c4669c1c14554f64c9985f91be3ab47ce03e3b525bcc

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
date: Wed, 08 May 2024 22:47:35 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
last-modified: Mon, 06 May 2024 12:18:03 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=ec697865d9b04ac8, intid;desc=ec697865d9b04ac8
content-length: 743
x-xss-protection: 1; mode=block

GET
H2 200 DBWebTabBar.Bk2pwaVq.js Show response
www.bahn.de/web/assets/ 2 KB
1 KB 199ms
180ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebTabBar.Bk2pwaVq.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

86244ba69fd89e08d2dabf360bf9ba78d8a799795a93942f83ea095a720481cd

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=6e0bc90c83927fb3, intid;desc=6e0bc90c83927fb3
content-length: 893
x-xss-protection: 1; mode=block

GET
H2 200 DBWebSelect.vue.DSaWEua1.js Show response
www.bahn.de/web/assets/ 9 KB
4 KB 199ms
180ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebSelect.vue.DSaWEua1.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ececb2707d82361eb570df465a60b66f32a1b7fac9baff8d981dc8682a1e961f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:04 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=82ca0746bc8446e1, intid;desc=82ca0746bc8446e1
content-length: 3553
x-xss-protection: 1; mode=block

GET
H2 200 InputTheme.BYPJVa9c.js Show response
www.bahn.de/web/assets/ 111 B
508 B 199ms
181ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/InputTheme.BYPJVa9c.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

85579e9fbeab0e4943893ca363ea25d026cad8f601d80989b276a99a36b99295

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Wed, 13 Mar 2024 10:21:00 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=32184f7ab266c7e9, intid;desc=32184f7ab266c7e9
content-length: 123
x-xss-protection: 1; mode=block

GET
H2 200 DBWebSelectList.vue.DToNOwiO.js Show response
www.bahn.de/web/assets/ 8 KB
3 KB 200ms
182ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebSelectList.vue.DToNOwiO.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ec1c67a9fef8b807e48714e39308b2609a2b799e5ec667d1957bf4d2c056bd7c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:04 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=1af5e9e59def4157, intid;desc=1af5e9e59def4157
content-length: 2873
x-xss-protection: 1; mode=block

GET
H2 200 QuickFinderZeitauswahlAsyncLoader.BYFaA_zE.js Show response
www.bahn.de/web/assets/ 3 KB
2 KB 200ms
182ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/QuickFinderZeitauswahlAsyncLoader.BYFaA_zE.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

71533b86b1df191c77d6e8558ab1a3498806c6486e2f3a48e560bb70fb94e67d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=fe07be9a7b99435c, intid;desc=fe07be9a7b99435c
content-length: 1824
x-xss-protection: 1; mode=block

GET
H2 200 QuickFinderZeitauswahl.vue_vue_type_script_setup_true_lang.CftN29vN.js Show response
www.bahn.de/web/assets/ 36 KB
12 KB 200ms
183ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/QuickFinderZeitauswahl.vue_vue_type_script_setup_true_lang.CftN29vN.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e94b47b3b0142c403bc3d0de6405034f8702c54210ee91087d22ccca219f90a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:04 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=3f8508f2343ae9f3, intid;desc=3f8508f2343ae9f3
content-length: 12209
x-xss-protection: 1; mode=block

GET
H2 200 VerkehrsmittelUtils.DDd0BcW8.js Show response
www.bahn.de/web/assets/ 2 KB
1 KB 202ms
185ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/VerkehrsmittelUtils.DDd0BcW8.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2458351cc8d5d1e8921d69120dccbd6f2d3e1c31acccb904e883775cb480ef60

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=0e0de65182333a7b, intid;desc=0e0de65182333a7b
content-length: 678
x-xss-protection: 1; mode=block

GET
H2 200 IconSize.Bn0l0K6i.js Show response
www.bahn.de/web/assets/ 49 B
456 B 202ms
186ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/IconSize.Bn0l0K6i.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1a3a19f77ff8c267850a693e68799808c9a0c08c26788f456916ac21a8ded18c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Tue, 23 Apr 2024 13:22:35 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=96fc3888920fa97c, intid;desc=96fc3888920fa97c
content-length: 69
x-xss-protection: 1; mode=block

GET
H2 200 isSameDay.DuvyCTur.js Show response
www.bahn.de/web/assets/ 203 B
577 B 202ms
187ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/isSameDay.DuvyCTur.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

857894e2a3a8dd0864f295ad83057fb26142f56ff77184359a333e9e07d25c6e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:04 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=b7e90a7283d45f79, intid;desc=b7e90a7283d45f79
content-length: 190
x-xss-protection: 1; mode=block

GET
H2 200 dateFormat.C9FjrXcq.js Show response
www.bahn.de/web/assets/ 522 B
703 B 203ms
188ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/dateFormat.C9FjrXcq.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7e35cbfaece66e0dca05e020ba1b9cbdd130e10107c67676195897faaf4b0327

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=00e69964857d5e81, intid;desc=00e69964857d5e81
content-length: 315
x-xss-protection: 1; mode=block

GET
H2 200 DBWebAccordion.vue.DI-z0FD2.js Show response
www.bahn.de/web/assets/ 13 KB
4 KB 203ms
188ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebAccordion.vue.DI-z0FD2.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bf434869ef5002c11f985c79e23e2fb66528ab6bf73364160bd7ffbaab434987

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=2a8625f5c29a064a, intid;desc=2a8625f5c29a064a
content-length: 4089
x-xss-protection: 1; mode=block

GET
H2 200 accordion_default.svg.I1JQJItR.js Show response
www.bahn.de/web/assets/ 3 KB
1 KB 203ms
189ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/accordion_default.svg.I1JQJItR.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e5c0559b6c07d59124a7fd2061611b0812abc4338098f58cc3fe6946d55e1d1e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Wed, 13 Mar 2024 10:21:00 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=2a749cac64875bf5, intid;desc=2a749cac64875bf5
content-length: 1057
x-xss-protection: 1; mode=block

GET
H2 200 DBWebExplicitSpace.dq3VkGRg.js Show response
www.bahn.de/web/assets/ 193 B
559 B 204ms
190ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebExplicitSpace.dq3VkGRg.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4cafe07adab1093df75744bb7e9b011f42b8fede68649b07829c911258affb69

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
date: Wed, 08 May 2024 22:47:35 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
last-modified: Mon, 29 Apr 2024 11:06:10 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=6bead43eacc1efb2, intid;desc=6bead43eacc1efb2
content-length: 193
x-xss-protection: 1; mode=block

GET
H2 200 OrteService.BpjrP9dT.js Show response
www.bahn.de/web/assets/ 3 KB
2 KB 204ms
190ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/OrteService.BpjrP9dT.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9933184f53725c1fe496747ae093a2aa7f99d8e3824f8de45dd1fca12b0bbd5c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=3d3a744324802525, intid;desc=3d3a744324802525
content-length: 1489
x-xss-protection: 1; mode=block

GET
H2 200 chunk-FIVKRO5M.DiYln20q.js Show response
www.bahn.de/web/assets/ 111 B
511 B 204ms
191ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/chunk-FIVKRO5M.DiYln20q.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8820e5156cf08b4f9ef783359c1bc6d4d747d12513161a9d0f5db2e3fd11abb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 29 Apr 2024 11:06:10 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=6d834b1e6953d9a1, intid;desc=6d834b1e6953d9a1
content-length: 124
x-xss-protection: 1; mode=block

GET
H2 200 DBWebDuration.G9TZzUgq.js Show response
www.bahn.de/web/assets/ 11 KB
4 KB 204ms
191ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebDuration.G9TZzUgq.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

19408d7a6fb05e3a6c40c69928b61de0174e1ab68f6de54dba3d2de212fea4d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=79cf835253f91b27, intid;desc=79cf835253f91b27
content-length: 3476
x-xss-protection: 1; mode=block

GET
H2 200 DBWebHaltSearch.BC0igu6T.js Show response
www.bahn.de/web/assets/ 22 KB
8 KB 204ms
192ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebHaltSearch.BC0igu6T.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

65638b0cc7e3892ede81570b01f5acf512a0d4605144c54da5dea8ac64746783

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:04 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=ca94de7e2e7ca80c, intid;desc=ca94de7e2e7ca80c
content-length: 7679
x-xss-protection: 1; mode=block

GET
H2 200 chunk-NIGAQNSE.DMonTUR8.js Show response
www.bahn.de/web/assets/ 1 KB
1 KB 208ms
195ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/chunk-NIGAQNSE.DMonTUR8.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5151aad810688882f8bb5afb431e9e0f94b5009fce58b7d857e1a6e4057a0d2d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=829fe460a90eaa70, intid;desc=829fe460a90eaa70
content-length: 876
x-xss-protection: 1; mode=block

GET
H2 200 useZeitauswahl.L6Dj_N7R.js Show response
www.bahn.de/web/assets/ 632 B
798 B 208ms
197ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/useZeitauswahl.L6Dj_N7R.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4b164f6be3426bc00a48e20dc693e712eb9bed0dbf159ffebc63809457e45c65

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=b38fc4dfbaec8056, intid;desc=b38fc4dfbaec8056
content-length: 411
x-xss-protection: 1; mode=block

GET
H2 200 DateState.n5gADSJ-.js Show response
www.bahn.de/web/assets/ 3 KB
1 KB 208ms
197ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DateState.n5gADSJ-.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

204b5cf20139fc5254054b95f65dd187944afca26abf8eee2146791a6ac19c60

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=30633fc929437bd2, intid;desc=30633fc929437bd2
content-length: 1001
x-xss-protection: 1; mode=block

GET
H2 200 chunk-4RP2N3TY.DOh6QFeZ.js Show response
www.bahn.de/web/assets/ 489 B
715 B 220ms
209ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/chunk-4RP2N3TY.DOh6QFeZ.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0066d04dbc28eda02014d306069d0e715b72dd18d58e846e91db58415030b65c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=2fd5233c8bb19fb9, intid;desc=2fd5233c8bb19fb9
content-length: 327
x-xss-protection: 1; mode=block

GET
H2 200 addMonths.C05xIMwo.js Show response
www.bahn.de/web/assets/ 388 B
667 B 208ms
198ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/addMonths.C05xIMwo.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a8a95996d20de1d5f2fdaf84cedcadd36419ef637be861039015e672a9f2dd3a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=e85212a66e970299, intid;desc=e85212a66e970299
content-length: 282
x-xss-protection: 1; mode=block

GET
H2 200 add.BigAaZi6.js Show response
www.bahn.de/web/assets/ 451 B
738 B 209ms
199ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/add.BigAaZi6.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ece45ab8aa231404e7938578a027453ff8f52d0365fd3a4c2289bf64c4b6e67e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=397cbdcceb14a7aa, intid;desc=397cbdcceb14a7aa
content-length: 352
x-xss-protection: 1; mode=block

GET
H2 200 chunk-GFPQVW4U.CoX4qQ__.js Show response
www.bahn.de/web/assets/ 3 KB
4 KB 209ms
199ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/chunk-GFPQVW4U.CoX4qQ__.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

611f5e000898b180a1c311a2e94ce5fa3ab9e76da84fb515c2431add89eb5d4d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
date: Wed, 08 May 2024 22:47:35 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
last-modified: Mon, 06 May 2024 12:18:04 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=56c5a2f861a24b16, intid;desc=56c5a2f861a24b16
content-length: 3531
x-xss-protection: 1; mode=block

GET
H2 200 ReisendeSummary.DQh-rw7y.js Show response
www.bahn.de/web/assets/ 18 KB
7 KB 209ms
200ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/ReisendeSummary.DQh-rw7y.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ae848778968551e1459350c0df660126501385502483b3a85ce65a946d68ee37

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=2f63597d72784ad9, intid;desc=2f63597d72784ad9
content-length: 6322
x-xss-protection: 1; mode=block

GET
H2 200 DBWebExpansionToggle.2d-z_VKK.js Show response
www.bahn.de/web/assets/ 1 KB
1006 B 210ms
201ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebExpansionToggle.2d-z_VKK.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

762d5b826682d6b65116529b53784bf2bb11e67323dd3df1ff95860091d7d94f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=f08c5b0692094bdf, intid;desc=f08c5b0692094bdf
content-length: 618
x-xss-protection: 1; mode=block

GET
H2 200 DBWebCheckbox.vue.WqViDYgk.js Show response
www.bahn.de/web/assets/ 2 KB
1 KB 210ms
202ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebCheckbox.vue.WqViDYgk.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

34ecee46af783ee46f68ba810d9d7785d383fe959de7bd791f779a6ec58737ad

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=d35e0e530d8fa7dd, intid;desc=d35e0e530d8fa7dd
content-length: 890
x-xss-protection: 1; mode=block

GET
H2 200 ErmaessigungsFormatter.CCjCgvMs.js Show response
www.bahn.de/web/assets/ 3 KB
1 KB 211ms
202ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/ErmaessigungsFormatter.CCjCgvMs.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4d3e332b6cc31aa9a5c958ec9c18bd9bb905ea4baae7cc1d36ec6b418ee1301b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=4a19b10ed7310d4f, intid;desc=4a19b10ed7310d4f
content-length: 1106
x-xss-protection: 1; mode=block

GET
H2 200 _baseUniq.iCD4pde2.js Show response
www.bahn.de/web/assets/ 731 B
900 B 211ms
203ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/_baseUniq.iCD4pde2.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6d09e9c5dc538130bf3618b6bbc74be5ae6f87fb4edee4cdd3be01c816ca551e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=10fe5a210cd0910a, intid;desc=10fe5a210cd0910a
content-length: 514
x-xss-protection: 1; mode=block

GET
H2 200 _arrayIncludesWith.DWPAk-ny.js Show response
www.bahn.de/web/assets/ 713 B
786 B 211ms
203ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/_arrayIncludesWith.DWPAk-ny.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f9b1ffa90a3c6f1dbc9c971f4c141e52d94eb568d79ba10c01422be1f209a5f0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Wed, 13 Mar 2024 10:21:00 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=a453adc67f3e174a, intid;desc=a453adc67f3e174a
content-length: 401
x-xss-protection: 1; mode=block

GET
H2 200 makeStringNonBreaking.BFuO67OB.js Show response
www.bahn.de/web/assets/ 306 B
672 B 211ms
204ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/makeStringNonBreaking.BFuO67OB.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

54e7888936058ff45d9a9ca95a318524e78ba840ec4179e5bb360fcdaac4ce16

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
date: Wed, 08 May 2024 22:47:35 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
last-modified: Mon, 06 May 2024 12:18:03 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=e620f5d443c953c1, intid;desc=e620f5d443c953c1
content-length: 306
x-xss-protection: 1; mode=block

GET
H2 200 es.string.replace-all.W7vED0Bc.js Show response
www.bahn.de/web/assets/ 882 B
997 B 218ms
211ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/es.string.replace-all.W7vED0Bc.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

33aa18a037a28bd3ab6187a5bdb0c4062eaee040e706826d492b510484169005

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=e5b4adc16819dd57, intid;desc=e5b4adc16819dd57
content-length: 610
x-xss-protection: 1; mode=block

GET
H2 200 images.Ce03R1NG.js Show response
www.bahn.de/web/assets/ 688 B
812 B 219ms
212ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/images.Ce03R1NG.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8f1f403ed1cdba25f13aa798234e5d377bf61f8ee50ff04400f46042921790b2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Wed, 13 Mar 2024 10:21:00 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=ee2e9a34d240904f, intid;desc=ee2e9a34d240904f
content-length: 426
x-xss-protection: 1; mode=block

GET
H2 200 ReisendentypFormatter.D7tE5Ezh.js Show response
www.bahn.de/web/assets/ 2 KB
1 KB 211ms
205ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/ReisendentypFormatter.D7tE5Ezh.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

210d9a7bba4b10aa8d86b8ca9ebe1e50b473a174dc6188f1e8954b2c51d9d23a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=874bf3bc8a65e189, intid;desc=874bf3bc8a65e189
content-length: 717
x-xss-protection: 1; mode=block

GET
H2 200 useReisendenTyp.84YX7rng.js Show response
www.bahn.de/web/assets/ 318 B
649 B 219ms
213ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/useReisendenTyp.84YX7rng.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b090eb06856e001c85fa864b691ec22f6ed57a33a7c2cbff570fc152499adb91

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=cde63339b469a759, intid;desc=cde63339b469a759
content-length: 262
x-xss-protection: 1; mode=block

GET
H2 200 useViewportDetection.j-K1Eund.js Show response
www.bahn.de/web/assets/ 666 B
781 B 211ms
205ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/useViewportDetection.j-K1Eund.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

427c007948dae78425eb325ecbe8dfe51d93516711b1ffdee31d41b1b163f7ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=f08a3b37c35543e0, intid;desc=f08a3b37c35543e0
content-length: 393
x-xss-protection: 1; mode=block

GET
H2 200 GKBadge.vue_vue_type_script_setup_true_lang.C6W4Hxxg.js Show response
www.bahn.de/web/assets/ 377 B
743 B 212ms
207ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/GKBadge.vue_vue_type_script_setup_true_lang.C6W4Hxxg.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2be38824f3db08b3d90bca54546e159ab042d746effce57a883846281a8c84e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
date: Wed, 08 May 2024 22:47:35 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
last-modified: Mon, 06 May 2024 12:18:03 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=772543a1c85d070b, intid;desc=772543a1c85d070b
content-length: 377
x-xss-protection: 1; mode=block

GET
H2 200 DBWebBadge.ijw_C4ux.js Show response
www.bahn.de/web/assets/ 472 B
714 B 218ms
213ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebBadge.ijw_C4ux.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2d0dbcdfda50e2896e4dd817128a2fcf1c55190a4e5f03277957121955a32f1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 06 May 2024 12:18:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=e9ef62ce7b846ac2, intid;desc=e9ef62ce7b846ac2
content-length: 328
x-xss-protection: 1; mode=block

GET
H2 200 safeHTMLDirective.DOc_Svu2.js Show response
www.bahn.de/web/assets/ 415 B
693 B 212ms
208ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/safeHTMLDirective.DOc_Svu2.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ae6437221e0cef17894d59e7f9015160410e340e88b182a979f1073e228927ad

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Wed, 17 Apr 2024 07:33:09 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=72a0c850634bb2f1, intid;desc=72a0c850634bb2f1
content-length: 307
x-xss-protection: 1; mode=block

GET
H2 200 getCookieDomain.auBgT5hi.js Show response
www.bahn.de/web/assets/ 242 B
601 B 212ms
208ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/getCookieDomain.auBgT5hi.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/superviseAssetLoading.FNcv3HJS.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5d855dc21f87141f48888da6ac62e67a5bc284aa93fd70f8b399376b79310be6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 29 Apr 2024 11:06:10 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=c110e9878e94faff, intid;desc=c110e9878e94faff
content-length: 216
x-xss-protection: 1; mode=block

GET
H2 200 accordion-4a47a4e6.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 3 KB
4 KB 106ms
103ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/accordion-4a47a4e6.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-1f757195.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e582ac1d79997c9b6e4fcd3caa512596220afc40204e8a0defcb125077e7385d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-1f757195.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Fri, 26 Apr 2024 14:35:53 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=6662392e404da4db
content-length: 1235
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:35 GMT

GET
H2 200 app-popup.vue-e95f8e84.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 14 KB
7 KB 89ms
86ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/app-popup.vue-e95f8e84.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-1f757195.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

738a937814b16c9786316517534ff447d6ee32d009d61413421626c7e1843824

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-1f757195.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Tue, 07 May 2024 06:35:54 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=6e68252e526ac041
content-length: 5012
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:35 GMT

GET
H2 200 slider-a8ff704e.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 361 B
3 KB 90ms
87ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/slider-a8ff704e.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-1f757195.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5eba9ee84cbc0311ceddfaa9fd932e96becba899902404e9ad51672605bce216

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-1f757195.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Fri, 26 Apr 2024 14:35:53 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=02ab848cee515d23
content-length: 279
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:35 GMT

GET
H2 200 contentTeaserDropdown-bd7c98f0.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 1 KB
3 KB 106ms
104ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/contentTeaserDropdown-bd7c98f0.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-1f757195.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4b74b758dfd44e887d3d43df059a4ad5113329024784a7bf36fe5fdc63cd17dd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-1f757195.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 29 Jan 2024 21:43:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=b37c1523941c0eed
content-length: 578
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:35 GMT

GET
H2 200 defineAuthButtonWebComponent-032e6988.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 3 KB
4 KB 107ms
105ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/defineAuthButtonWebComponent-032e6988.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-1f757195.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

83a5bb7bdaa353808b4f3aa7db7c6fa91093cb3a20b2e336c625fd069c5f6346

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-1f757195.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Fri, 26 Apr 2024 14:35:53 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=e38bd8fcd1324a8f
content-length: 1667
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:35 GMT

GET
H2 200 app-crm-teaser.vue-7a30e18f.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 3 KB
4 KB 108ms
106ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/app-crm-teaser.vue-7a30e18f.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-1f757195.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2dd4d82d49830f1ee0ab6ce029972f024f33bd7c58f9b3856718efdb1b794dfd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-1f757195.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Tue, 07 May 2024 06:35:54 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=9cb3258ead1ccb19
content-length: 1554
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:35 GMT

GET
H2 200 app-teaser-block-rondell.vue-45a4e385.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 2 KB
3 KB 109ms
107ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/app-teaser-block-rondell.vue-45a4e385.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-1f757195.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7a622774572df2f736091c5e69ce7457e2f64cbe614470868bd425e06a59d6c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-1f757195.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Tue, 07 May 2024 06:35:54 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=539a154c813c82ef
content-length: 849
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:35 GMT

GET
H2 200 app-co2-uhr.vue-ad367bec.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 29 KB
10 KB 109ms
108ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/app-co2-uhr.vue-ad367bec.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-1f757195.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ceaa222c835bc24656a8278777b14d42ed467fee3686748685f81aa22a1c6b02

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-1f757195.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Tue, 07 May 2024 06:35:54 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=739ca91cc35ba9c7
content-length: 8162
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:35 GMT

GET
H2 200 index.html Show response
www.bahn.de/.resources/bahn-common/webresources/storage/ Frame 6E6C 2 KB
1 KB 95ms
93ms Document
text/html 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common/webresources/storage/index.html

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/initTracking-43df5d53.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

197be260b9d7d1e294764119d0d174c910b9bf0d15a18ffb9db1df2680b975f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' https:; img-src 'self' data:; object-src 'none';
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.bahn.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: public, max-age=300
content-encoding: gzip
content-length: 762
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' https:; img-src 'self' data:; object-src 'none';
content-type: text/html;charset=UTF-8
date: Wed, 08 May 2024 22:47:35 GMT
expires: Wed, 08 May 2024 22:52:35 GMT
last-modified: Thu, 29 Feb 2024 06:39:34 GMT
server-timing: intid;desc=f193ae6a87a2db01
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 utag.js Show response
cms.static-bahn.de/tms/next-main/ 244 KB
65 KB 158ms
47ms Script
text/javascript 2600:9000:20eb:4a00:c:198:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.static-bahn.de/tms/next-main/utag.js
Requested by: Host: www.bahn.de
URL: https://www.bahn.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4a00:c:198:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8a6d798d171933d7cb16c4e5df8194f23569ac9ede113a16bd3de3916616414b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: jzlPQkfo5FOe9APgLHB0dWBnoP94DwOw
content-encoding: gzip
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
date: Wed, 08 May 2024 09:34:28 GMT
last-modified: Tue, 07 May 2024 09:33:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 47588
x-amz-server-side-encryption: AES256
etag: W/"23f8ebfeff2ab1ad7f1d300462a5ee43"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: zGgQCqh1i2_OfFR9xl8mZMSDeydCeFbPdqLXPlhCSYkvJa91bjes4A==

GET
DATA 200
OK truncated
/ 536 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d9306f5f844bdca438a99633a6ab1e553e33635d363c533897ceb536698d9e7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 openid-configuration Show response
accounts.bahn.de/auth/realms/db/.well-known/ 9 KB
4 KB 370ms
105ms Fetch
application/json 2a02:26f0:300::215:8561
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.bahn.de/auth/realms/db/.well-known/openid-configuration

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/initUserContextService-c9dd429b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8561 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

27ff84192a5142bb4ba2d8e18c05c01cdd4a09c94ccded6dcff31c2c60bcb1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://*.hcaptcha.com
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
server-timing: intid;desc=8de0759ffa9d75d4, intid;desc=8de0759ffa9d75d4
content-length: 2148
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer
vary: Origin, Accept-Encoding
x-frame-options: ALLOW-FROM https://*.hcaptcha.com
content-type: application/json
access-control-allow-origin: https://www.bahn.de
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
expires: Wed, 08 May 2024 22:47:35 GMT

GET
H2 200 runtime-dom.esm-bundler-2cce5843.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 52 KB
24 KB 83ms
82ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/runtime-dom.esm-bundler-2cce5843.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7d2116fd30de52f8b9bc6240cd6149729ea84bf94b91f08084c8cc5c549ec0b2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/app-popup.vue-e95f8e84.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Fri, 26 Apr 2024 14:35:53 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=1b31569f96f8b1e1
content-length: 22187
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:35 GMT

GET
H2 200 adjustArrowsComponent-45e772ef.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 25 KB
10 KB 85ms
84ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/adjustArrowsComponent-45e772ef.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

907680fd194972ba0ef70bf04366ca4c16f09c45e23cc2ae53cde4b363efaef8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/slider-a8ff704e.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Fri, 26 Apr 2024 14:35:53 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=595d052f3de0bf95
content-length: 7677
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:35 GMT

GET
H2 200 index-a961b061.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 12 KB
8 KB 94ms
93ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/index-a961b061.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e94fd1ed3600db4519cb4ce424ba54b5a66af4268724e32091df5fff7821f942

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/defineAuthButtonWebComponent-032e6988.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Fri, 26 Apr 2024 14:35:53 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=691396abaad0041d
content-length: 5346
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:35 GMT

GET
H2 200 userStore-2b927b96.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 2 KB
3 KB 103ms
101ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/userStore-2b927b96.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9f86de1cc44cc293f3d0249f0da5c36677c1e87299d44b6c7abd467ea04b58ce

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/defineAuthButtonWebComponent-032e6988.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Fri, 26 Apr 2024 14:35:53 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=c6ece74c992aef7b
content-length: 832
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:35 GMT

GET
H2 200 useAuth-f1b8d559.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 499 B
3 KB 96ms
95ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/useAuth-f1b8d559.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d9d4454e6f2dc22c28944252fc2787e6592560e6bbdf3edb1e6532734ba774b5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/defineAuthButtonWebComponent-032e6988.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Fri, 26 Apr 2024 14:35:53 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=595ccf2f5948d38f
content-length: 339
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:35 GMT

GET
H2 200 TeaserSlider.vue_vue_type_script_setup_true_lang-cbe8be5f.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 15 KB
7 KB 97ms
96ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/TeaserSlider.vue_vue_type_script_setup_true_lang-cbe8be5f.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1e58256994b5c73f921e675cd5e8d9ce7f11bbd0d1ef9e1a5e084b4d415befb7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/app-crm-teaser.vue-7a30e18f.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Tue, 07 May 2024 06:35:54 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=d810ef014d26cc19
content-length: 4364
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:35 GMT

GET
H2 200 linkHelpers-fa8e08c9.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 139 B
2 KB 104ms
104ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/linkHelpers-fa8e08c9.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9efb40da7dd0ab826404bcc9147b25071414fc77fd1dece6a04f0c31e30e67fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/app-crm-teaser.vue-7a30e18f.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Thu, 28 Mar 2024 09:15:49 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=7dfe7ec4ecbb2d5d
content-length: 140
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:35 GMT

GET
H2 200 TeaserBlockRondell.vue_vue_type_script_setup_true_lang-68ccc198.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 2 KB
3 KB 94ms
92ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/TeaserBlockRondell.vue_vue_type_script_setup_true_lang-68ccc198.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4882bbe3f7624e6407051a9d6cc9c1f37bfa83724b35937881fda5fd691066d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/app-teaser-block-rondell.vue-45a4e385.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Tue, 07 May 2024 06:35:54 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=48e36c22951f7f71
content-length: 845
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:35 GMT

GET
H2 200 useScreenReader-95c30407.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 337 B
2 KB 98ms
96ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/useScreenReader-95c30407.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

192f5d45731ec93d84951c1a6c410bf0bd7db929c1b2bc18b8291613f3afe32f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/app-co2-uhr.vue-ad367bec.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 29 Jan 2024 21:43:25 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=4743253620415ca7
content-length: 208
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:35 GMT

GET
H2 200 CircleLoader-080eff0d.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 444 B
3 KB 94ms
93ms Script
application/javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/CircleLoader-080eff0d.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

60773b125955e3eb37db37973fffd72f5688d9820ef841db0c0dcb3f257653ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/.resources/bahn-common-light/webresources/js/app-co2-uhr.vue-ad367bec.js
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Fri, 26 Apr 2024 14:35:53 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
server-timing: intid;desc=05c75efd2de0ad53
content-length: 297
x-xss-protection: 1; mode=block
expires: Thu, 08 May 2025 22:47:35 GMT

GET
H2 200 desktop Show response
www.bahn.de/.rest/navigation/ 7 KB
4 KB 81ms
80ms XHR
application/json 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.rest/navigation/desktop?root=a5a66ce9-1eaa-41d7-87d4-1c9e52ea2bb1&site=next-bahn-de&lang=de

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts-1f757195.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cfcf08248a4e336e582207b7f7420b692a6d65f502fe84145d8db244cfcf27f6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
cache-control: public, max-age=33
server-timing: intid;desc=a66056abaf4ef719, intid;desc=a66056abaf4ef719
content-length: 1536
x-xss-protection: 1; mode=block
expires: Wed, 08 May 2024 22:48:08 GMT

GET
H2 200 consent-layer-loader.js Show response
cms.static-bahn.de/cms/consent-layer/js/ 6 KB
3 KB 44ms
43ms Script
text/javascript 2600:9000:20eb:4a00:c:198:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.static-bahn.de/cms/consent-layer/js/consent-layer-loader.js
Requested by: Host: www.bahn.de
URL: https://www.bahn.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4a00:c:198:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a1ecf62e0bb296063d41d01e75a6603cd174c2ad0813bfcf1e01acc379507e44

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: DAkfQrRlS5vhto8m4CISbfLgw4LBZ14v
content-encoding: gzip
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
date: Wed, 08 May 2024 09:34:28 GMT
last-modified: Tue, 07 May 2024 09:32:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 47588
x-amz-server-side-encryption: AES256
etag: W/"85c814555b59cceb5666ab85711b5e4d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: xVh-_YcLFCDyJwUyeLMumdNGYDom5FBjir0js9N7VxTIp3PR7hpkYA==

GET
H2 200 utag.1.js Show response
cms.static-bahn.de/tms/next-main/ 70 KB
23 KB 47ms
46ms Script
text/javascript 2600:9000:20eb:4a00:c:198:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.static-bahn.de/tms/next-main/utag.1.js?utv=ut4.51.202404301201
Requested by: Host: cms.static-bahn.de
URL: https://cms.static-bahn.de/tms/next-main/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4a00:c:198:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ff72daf17cb9cfabfbc9903680a3cf8ec891f797435c0438197bccf93c0c5d4a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8aydCuGhFrt68cwZQGs5adJ15Ret5iEl
content-encoding: gzip
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
date: Wed, 08 May 2024 09:34:27 GMT
last-modified: Tue, 07 May 2024 09:33:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 47589
x-amz-server-side-encryption: AES256
etag: W/"079b8c867afb393c978912ed8b7725bb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: CQlL4GwF-3bpY2NsTo42NhByd1M6orRkNZvkmLskiMVNMCuSsSmLJQ==

GET
H2 200 utag.11.js Show response
cms.static-bahn.de/tms/next-main/ 3 KB
2 KB 50ms
50ms Script
text/javascript 2600:9000:20eb:4a00:c:198:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.static-bahn.de/tms/next-main/utag.11.js?utv=ut4.51.202404230841
Requested by: Host: cms.static-bahn.de
URL: https://cms.static-bahn.de/tms/next-main/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4a00:c:198:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3afeec7a3467730b04d8530c6d755ae05975e97e37b88ebf27576feb8453b5b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 09:34:27 GMT
x-amz-version-id: TU19GBJprjWWgyFx.7XC0G0ne3n4NS7Q
content-encoding: gzip
last-modified: Tue, 07 May 2024 09:33:15 GMT
server: AmazonS3
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/"cca677d00cf4e7a6a8f6ca6c0b3e1c43"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
age: 47589
x-amz-cf-id: wgzLjOofZoXQi9tgL7mNvs43cgp0_-geb86V7g7w_l_LS7aJLWHf_w==

GET
H2 200 DB239784.jpg
assets.static-bahn.de/.imaging/focalpoint/640x320/dam/jcr:45d83942-e11c-46fe-8128-c45a642fa20e/ 27 KB
0 0ms
0ms Image
image/avif 2a02:26f0:12d::b819:ef22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/.imaging/focalpoint/640x320/dam/jcr:45d83942-e11c-46fe-8128-c45a642fa20e/DB239784.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:12d::b819:ef22 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

aa345cb347ef58f008d9e8780af8f74a5ca75338f22ae9c410bac246f3e5597e

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;

X-Frame-Options

sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Mon, 18 Mar 2024 08:03:42 GMT
server: Akamai Image Manager
x-serial: 1555
x-frame-options: sameorigin
content-type: image/avif
access-control-allow-origin: https://www.bahn.de
cache-control: private, no-transform, max-age=336893
content-length: 27252
expires: Sun, 12 May 2024 20:22:27 GMT

GET
H2 200 DB219730%202000x1000.jpg
assets.static-bahn.de/.imaging/focalpoint/640x320/dam/jcr:17d1ecf4-e113-42e6-809e-9f28f02f030d/ 18 KB
0 1ms
1ms Image
image/avif 2a02:26f0:12d::b819:ef22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/.imaging/focalpoint/640x320/dam/jcr:17d1ecf4-e113-42e6-809e-9f28f02f030d/DB219730%202000x1000.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:12d::b819:ef22 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

f3a42a7403c2993d0f0bfa86b2d6d55a11c0e3e6af1d2f496d6b775eeaaf9232

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
date: Wed, 08 May 2024 22:47:34 GMT
last-modified: Wed, 08 May 2024 08:16:40 GMT
server: Akamai Image Manager
x-serial: 251
x-frame-options: sameorigin
content-type: image/avif
access-control-allow-origin: https://www.bahn.de
cache-control: private, no-transform, max-age=2539688
content-length: 17958
expires: Fri, 07 Jun 2024 08:15:42 GMT

GET
H2 200 favicon.ico
www.bahn.de/ 5 KB
3 KB 83ms
82ms Other
image/x-icon 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ae0400d6155fbbd61c93d4f5546e8a2e6c96f6aed576f5728f8500e8e9f6f816

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Thu, 22 Feb 2024 12:59:49 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
etag: "1536-611f804b81b40"
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=1696371
accept-ranges: bytes
content-length: 1002
x-xss-protection: 1; mode=block
expires: Tue, 28 May 2024 14:00:26 GMT

GET
H2 200 CO2Uhr_Hintergrund_abgedunkelt%20(1).jpeg
assets.static-bahn.de/.imaging/focalpoint/1280x440/dam/jcr:e21b6e1d-c3e8-4a94-ac24-25bfedb30fb2/ 24 KB
26 KB 53ms
53ms Image
image/avif 2a02:26f0:12d::b819:ef22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/.imaging/focalpoint/1280x440/dam/jcr:e21b6e1d-c3e8-4a94-ac24-25bfedb30fb2/CO2Uhr_Hintergrund_abgedunkelt%20(1).jpeg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:12d::b819:ef22 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

c2be139b6050da9378be40d66b19404cbb665e6f1af561da0acbd4953e21a1d2

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;

X-Frame-Options

sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Sat, 23 Mar 2024 22:21:20 GMT
server: Akamai Image Manager
x-frame-options: sameorigin
content-type: image/avif
access-control-allow-origin: https://www.bahn.de
cache-control: private, no-transform, max-age=763998
content-length: 24246
expires: Fri, 17 May 2024 19:00:53 GMT

GET
BLOB 200
OK f7da9dc7-e6a1-4066-a33f-23104d5944b2
https://www.bahn.de/ 2 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bahn.de/f7da9dc7-e6a1-4066-a33f-23104d5944b2
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd4e56fa46b15f31718eae73fc5cf14725d0cacd4d8019b83a3d50ff913c86c0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 2407
Content-Type: text/javascript;charset=utf-8

GET
H2 200 consent-layer-standalone.41ba11d4beb2f1ae137d.js Show response
cms.static-bahn.de/cms/consent-layer/js/ 177 KB
132 KB 48ms
46ms Script
text/javascript 2600:9000:20eb:4a00:c:198:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.static-bahn.de/cms/consent-layer/js/consent-layer-standalone.41ba11d4beb2f1ae137d.js
Requested by: Host: cms.static-bahn.de
URL: https://cms.static-bahn.de/cms/consent-layer/js/consent-layer-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4a00:c:198:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40caaaad6a98cd6b7b37d35272af677708739579a0797368db15f3fa609a3575

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: lFE3On_QHVZfsOR853fB37EcM33ZFe7l
content-encoding: gzip
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
date: Wed, 08 May 2024 09:34:28 GMT
last-modified: Tue, 07 May 2024 09:32:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 47588
x-amz-server-side-encryption: AES256
etag: W/"82a38d19f4dab861c6ce61c6cf583138"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 25EtqXnhVcP0eHmomfCVpr-q3OvCa2bc3V9mbujWFRF0i1Xc0is8Ng==

GET
H2 200 consent-layer.97b3428ca149557dba63.js Show response
cms.static-bahn.de/cms/consent-layer/js/ 23 KB
7 KB 94ms
92ms Script
text/javascript 2600:9000:20eb:4a00:c:198:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.static-bahn.de/cms/consent-layer/js/consent-layer.97b3428ca149557dba63.js
Requested by: Host: cms.static-bahn.de
URL: https://cms.static-bahn.de/cms/consent-layer/js/consent-layer-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4a00:c:198:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27ef68d60fd0abbd4450c9a09342531bc7c796ad48b0adc55343d4df8960675f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: wa2qyjf8hNfVgZetMi9Gjo5_I99xRKLX
content-encoding: gzip
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
date: Wed, 08 May 2024 09:34:28 GMT
last-modified: Tue, 07 May 2024 09:32:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 47588
x-amz-server-side-encryption: AES256
etag: W/"2dea45e6e04da6568bd921d18f877833"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 5whRcBvSJGg-5WcvhYmMp-jDvOTWDm8NSOPA9kTBVa9P90zJrdCRqA==

GET
H2

200

auth.v1.html Show response
www.bahn.de/.resources/bahn-common-light/webresources/assets/html/ Frame 165B
Redirect Chain

https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/auth?redirect_uri=https%3A%2F%2Fwww.bahn.de%2F.resources%2Fbahn-common-light%2Fwebresources%2Fassets%2Fhtml%2Fauth.v1.html&client_id=...
https://www.bahn.de/.resources/bahn-common-light/webresources/assets/html/auth.v1.html

0
2 KB

86ms
85ms

Document
text/html

2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/assets/html/auth.v1.html

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/initUserContextService-c9dd429b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 20
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-type: text/html;charset=UTF-8
date: Wed, 08 May 2024 22:47:36 GMT
expires: Thu, 08 May 2025 22:47:36 GMT
last-modified: Fri, 22 Sep 2023 07:01:04 GMT
server-timing: intid;desc=a0d296b9b4c62b3d
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Wed, 08 May 2024 22:47:36 GMT
expires: Wed, 08 May 2024 22:47:36 GMT
location: https://www.bahn.de/.resources/bahn-common-light/webresources/assets/html/auth.v1.html#error=login_required&state=MniELkDUYM
pragma: no-cache
referrer-policy: no-referrer
server-timing: intid;desc=fa4c6232862004f4 intid;desc=fa4c6232862004f4
strict-transport-security: max-age=16070400; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 4.00a494c30b4086f401d4.js Show response
cms.static-bahn.de/cms/consent-layer/js/ 13 KB
3 KB 42ms
41ms Script
text/javascript 2600:9000:20eb:4a00:c:198:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.static-bahn.de/cms/consent-layer/js/4.00a494c30b4086f401d4.js
Requested by: Host: cms.static-bahn.de
URL: https://cms.static-bahn.de/cms/consent-layer/js/consent-layer-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4a00:c:198:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d7e2bab11b50ac3cb65eb4e1a6d7b0a5722194cdc4c31e9760cd6a577350d536

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: HQy46ZggTlCeNtwOyfoKgR0ycFSrEPfX
content-encoding: gzip
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
date: Wed, 08 May 2024 09:34:29 GMT
last-modified: Tue, 07 May 2024 09:32:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 47587
x-amz-server-side-encryption: AES256
etag: W/"5956603e91b2026222e05795fd8c56f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: Al0qHi1F-IYXX42adMt7PGls3-gxtHIR40MUNOTEPgwueFf1XCuGCQ==

GET
DATA 200
OK truncated
/ 208 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ba7319051bb586b77a46b5aa7a664f577f1e95a78be1129f12476deeef241c7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 35 KB
35 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8086f37b2fef5219c0b43c66e419e6e1825aabd68be129ed32a07ed15a5a594b

Request headers

Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 45 KB
45 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc25addd219ee127babf8f983627baefcceb59f88331ca84d393b9fc619c5e7e

Request headers

Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 47 KB
47 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5584fe2257cfa5c4adb5512df868b82272393a03b87f977730f8084b5c393e2c

Request headers

Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
H2 200 Rulantica_2zu1_2000x1000_Px.jpg
assets.static-bahn.de/.imaging/focalpoint/752x376/dam/jcr:6b106fcf-258d-41db-a140-24eedf4ed740/ 69 KB
71 KB 49ms
46ms Image
image/avif 2a02:26f0:12d::b819:ef22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/.imaging/focalpoint/752x376/dam/jcr:6b106fcf-258d-41db-a140-24eedf4ed740/Rulantica_2zu1_2000x1000_Px.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:12d::b819:ef22 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

d456803897777a04591a7ca0b8e5eac005632bd55d1808df1c357fccc768b894

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Wed, 08 May 2024 22:00:34 GMT
server: Akamai Image Manager
x-frame-options: sameorigin
content-type: image/avif
access-control-allow-origin: https://www.bahn.de
cache-control: private, no-transform, max-age=2589168
content-length: 70529
expires: Fri, 07 Jun 2024 22:00:23 GMT

GET
H2 200 Teaser_bb_ticketgewinnspiel_2000x1000px.jpg
assets.static-bahn.de/.imaging/focalpoint/752x376/dam/jcr:e490cf61-f675-4c84-8cb6-8a3d33bbf602/ 28 KB
30 KB 58ms
56ms Image
image/avif 2a02:26f0:12d::b819:ef22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/.imaging/focalpoint/752x376/dam/jcr:e490cf61-f675-4c84-8cb6-8a3d33bbf602/Teaser_bb_ticketgewinnspiel_2000x1000px.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:12d::b819:ef22 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

04d77e96123acad39218d4f233407f503b585555cbf091164a7cead2ec0c2cb7

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Wed, 01 May 2024 22:01:30 GMT
server: Akamai Image Manager
x-serial: 552
x-frame-options: sameorigin
content-type: image/avif
access-control-allow-origin: https://www.bahn.de
cache-control: private, no-transform, max-age=1984408
content-length: 28758
expires: Fri, 31 May 2024 22:01:03 GMT

GET
H2 200 Motiv_07_DB12226_2000x1000.jpg
assets.static-bahn.de/.imaging/focalpoint/752x376/dam/jcr:9df3a67b-250c-4778-b058-f0a9eb5617f4/ 24 KB
26 KB 60ms
58ms Image
image/avif 2a02:26f0:12d::b819:ef22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/.imaging/focalpoint/752x376/dam/jcr:9df3a67b-250c-4778-b058-f0a9eb5617f4/Motiv_07_DB12226_2000x1000.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:12d::b819:ef22 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

28a5fef91750c140b3fb9f042aa9fff90e80dbba9eb4219aa5b16e5ead9f4bca

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Fri, 26 Apr 2024 07:04:24 GMT
server: Akamai Image Manager
x-serial: 1370
x-frame-options: sameorigin
content-type: image/avif
access-control-allow-origin: https://www.bahn.de
cache-control: private, no-transform, max-age=1498616
content-length: 24511
expires: Sun, 26 May 2024 07:04:31 GMT

GET
H2 200 Sparpreis-Senioren_4zu2-storer.jpg
assets.static-bahn.de/.imaging/focalpoint/752x376/dam/jcr:bc817e32-095d-44c9-ba51-c14efe78a607/ 26 KB
28 KB 64ms
62ms Image
image/avif 2a02:26f0:12d::b819:ef22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/.imaging/focalpoint/752x376/dam/jcr:bc817e32-095d-44c9-ba51-c14efe78a607/Sparpreis-Senioren_4zu2-storer.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:12d::b819:ef22 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

bdfa292c3a19c2830c0660ecac1a9f60527b662e152c44473fb51adbbf1e6683

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Wed, 08 May 2024 22:00:35 GMT
server: Akamai Image Manager
x-frame-options: sameorigin
content-type: image/avif
access-control-allow-origin: https://www.bahn.de
cache-control: private, no-transform, max-age=2589194
content-length: 26494
expires: Fri, 07 Jun 2024 22:00:49 GMT

GET
H2 200 DT%20Teaser%204%20zu%202%20mit%20St%C3%B6rer.jpg
assets.static-bahn.de/.imaging/focalpoint/752x376/dam/jcr:a4ccc7bc-821e-44f6-8b2f-6ef4b45a0284/ 22 KB
24 KB 72ms
71ms Image
image/avif 2a02:26f0:12d::b819:ef22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/.imaging/focalpoint/752x376/dam/jcr:a4ccc7bc-821e-44f6-8b2f-6ef4b45a0284/DT%20Teaser%204%20zu%202%20mit%20St%C3%B6rer.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:12d::b819:ef22 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

3642e102f0c113239ba3b8f917b6888d3311a89380e2011593d184f8f91cdff0

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 15 Apr 2024 12:14:27 GMT
server: Akamai Image Manager
x-frame-options: sameorigin
content-type: image/avif
access-control-allow-origin: https://www.bahn.de
cache-control: private, no-transform, max-age=566860
content-length: 22472
expires: Wed, 15 May 2024 12:15:15 GMT

GET
H2 200 Stillen_01103_sRGB.jpg
assets.static-bahn.de/.imaging/focalpoint/752x376/dam/jcr:43a25eb3-5192-493b-bfe1-9b429b594514/ 30 KB
32 KB 67ms
66ms Image
image/avif 2a02:26f0:12d::b819:ef22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/.imaging/focalpoint/752x376/dam/jcr:43a25eb3-5192-493b-bfe1-9b429b594514/Stillen_01103_sRGB.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:12d::b819:ef22 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

cf6dba6a0e981046bf556ab96231583791e3e7358060a9d54dfabd66ba9ead50

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Wed, 08 May 2024 22:00:36 GMT
server: Akamai Image Manager
x-serial: 1292
x-frame-options: sameorigin
content-type: image/avif
access-control-allow-origin: https://www.bahn.de
cache-control: private, no-transform, max-age=2589180
content-length: 30907
expires: Fri, 07 Jun 2024 22:00:35 GMT

GET
H2 200 Baustelle_DB225415_Header+St%C3%B6rer_4z2_c.jpg
assets.static-bahn.de/.imaging/focalpoint/752x376/dam/jcr:5d7aa809-ad5b-489b-b855-0491074b41fb/ 18 KB
20 KB 65ms
64ms Image
image/avif 2a02:26f0:12d::b819:ef22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/.imaging/focalpoint/752x376/dam/jcr:5d7aa809-ad5b-489b-b855-0491074b41fb/Baustelle_DB225415_Header+St%C3%B6rer_4z2_c.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:12d::b819:ef22 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

211809cce3f0505b31704d838afbf4622730f9bf7986795558a7ae5c17027425

Security Headers

Name

Value

Content-Security-Policy

X-Frame-Options

sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://assets.static-bahn.de https://*.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
date: Wed, 08 May 2024 22:47:35 GMT
last-modified: Mon, 15 Apr 2024 12:14:25 GMT
server: Akamai Image Manager
x-serial: 417
x-frame-options: sameorigin
content-type: image/avif
access-control-allow-origin: https://www.bahn.de
cache-control: private, no-transform, max-age=566823
content-length: 18336
expires: Wed, 15 May 2024 12:14:38 GMT

GET
H2 200 user-context-data Show response
www.bahn.de/web/api/kundenkonto/ 90 B
870 B 168ms
112ms Fetch
application/json 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/api/kundenkonto/user-context-data

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/initUserContextService-c9dd429b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

efb6f8479192826d16401c81a6d66e06b75793cf696d4cd917084715316a4df8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
x-correlation-id: 9153bd37-f1fb-4de7-b94d-7cdeb8a4e93c_6cc3608c-6f0c-4c04-a28d-1c066c77cc8e
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: application/json;charset=utf-8
accept: application/json;charset=utf-8
Referer: https://www.bahn.de/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 22:47:36 GMT
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
etag: W/"5a-g3GO6Iib84nBrmVNuRHICMdTzDM"
vary: accept,authorization,cookie
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=60
server-timing: intid;desc=d6c8db3eb63aeb8f, intid;desc=d6c8db3eb63aeb8f
content-length: 90
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 448 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7c24dba7a46112b0f5d36478b8329b6cb76304b48a1b8395b2c4b32b838ac1f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 2VwfARuJAzeMmnZHy6KR3.json Show response
cdn.optimizely.com/datafiles/ 5 KB
2 KB 138ms
40ms XHR
application/json 2a02:26f0:12d:59b::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/datafiles/2VwfARuJAzeMmnZHy6KR3.json

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/auth-20b47a1a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:12d:59b::13b8 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4bc5adae22d6c1d057cfd9435723322eeaa897ae330eec41329752b00a5dcdc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: fc3TXJBEyJD824IrONRb52.sFJKukvD7
content-encoding: gzip
date: Wed, 08 May 2024 22:47:36 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: 3K94V99H1TK7ABWX
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 227
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, cdn;desc="AkamaiION";dur=0,rtt;desc="37";dur=0,cdnip;desc="2a02:26f0:12d:59b::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1715208456460_3088707479_257704127_26_1548_37_41_219";dur=1
content-length: 1191
x-amz-id-2: 6DODkhHgnC+f+3RxxK3btHSGNxRWFS70ii/jDX3UOgil1tGCH0gNjY0RY0T3ZfrrJ49PIb0lkYg=
last-modified: Sun, 05 May 2024 21:59:06 GMT
server: AmazonS3
etag: "2a715acd6d1c6708c3033cd24855227b"
vary: Accept-Encoding
access-control-max-age: 604800
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
cache-control: max-age=118
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 frontend-config.json Show response
www.bahn.de/web/ 2 KB
1 KB 90ms
86ms Fetch
application/json 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/frontend-config.json

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/abTestingServiceKey.BtK6dDUi.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e4f1933dcf746c91fc82671cdf9e2c2d5f8c2639b77a6e91038933f25ac70cde

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 22:47:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: public, max-age=60
server-timing: intid;desc=e1f20b965f3396a8, intid;desc=e1f20b965f3396a8
content-length: 924
x-xss-protection: 1; mode=block

GET
H2 200 stammdaten Show response
www.bahn.de/web/api/angebote/ 16 KB
16 KB 91ms
90ms XHR
application/json 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/api/angebote/stammdaten?lang=de

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/DiagnosticsService.bWYuJAm0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8e98817007224a224ca67ccfafddc4ffbb34cccc9d4aca5c385ebb787999335d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
x-correlation-id: 9153bd37-f1fb-4de7-b94d-7cdeb8a4e93c_6cc3608c-6f0c-4c04-a28d-1c066c77cc8e
accept-language: de
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
accept: application/json
Referer: https://www.bahn.de/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 22:47:36 GMT
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
etag: W/"3e82-1hm04+qMxgwuu9nwTnKQGBiRFiM"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600, stale-while-revalidate=43200, stale-if-error=86400
server-timing: intid;desc=54dc860ee07bd4d6, intid;desc=54dc860ee07bd4d6
content-length: 16002
x-xss-protection: 1; mode=block

GET
H2 200 id Show response
www.bahn.de/st/ 48 B
738 B 123ms
122ms XHR
application/x-javascript 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/st/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=5FA50A5953FB37E50A4C98BC%40AdobeOrg&mid=41465423381469705273363465693748436099&ts=1715208456416

Requested by

Host: cms.static-bahn.de
URL: https://cms.static-bahn.de/tms/next-main/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

jag /

Resource Hash

9a2184e3ec01e0c32eed4c0fd81073b6781e065e6dc984e3661f705bb0769bce

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 May 2024 22:47:36 GMT
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
server: jag
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: application/x-javascript;charset=utf-8
cache-control: private, no-cache, no-store, no-transform
content-length: 48
x-xss-protection: 1; mode=block
expires: Wed, 08 May 2024 22:47:36 GMT

GET
H2 200 sdk.js Show response
ucm-eu.verint-cdn.com/files/sites/next-bahn-de/live/ 60 KB
18 KB 159ms
45ms Script
application/javascript 2600:9000:275d:c200:1b:1f8f:6780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ucm-eu.verint-cdn.com/files/sites/next-bahn-de/live/sdk.js

Requested by

Host: cms.static-bahn.de
URL: https://cms.static-bahn.de/tms/next-main/utag.11.js?utv=ut4.51.202404230841

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:275d:c200:1b:1f8f:6780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

91d41722669cebe9c974d9a3eb39185f6e1777d4bd71eb6f312a2ab888965504

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 21:47:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
via: 1.1 012ed5015dc2306833b5abb65b3a0378.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 3577
x-powered-by: Express
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: H7PSFvWIfXDiGrZmIvHQI1XiskNWmX9H27lOvf8igS9-ZiGY9ZVhxA==

GET
H2 200 verbuende Show response
www.bahn.de/web/api/angebote/stammdaten/ 9 KB
2 KB 82ms
81ms XHR
application/json 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/api/angebote/stammdaten/verbuende

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/DiagnosticsService.bWYuJAm0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3cc0160cdcad11e31cef565dd05fa243876ad016729919313e7bb332f896f2b7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
x-correlation-id: 9153bd37-f1fb-4de7-b94d-7cdeb8a4e93c_6cc3608c-6f0c-4c04-a28d-1c066c77cc8e
accept-language: de
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
accept: application/json
Referer: https://www.bahn.de/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 22:47:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
etag: W/"22d6-Z+35saqvrccqGNhhhLES4TaOuEc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600, stale-while-revalidate=43200, stale-if-error=86400
server-timing: intid;desc=988b2f10f1098fe1, intid;desc=988b2f10f1098fe1
content-length: 1477
x-xss-protection: 1; mode=block

GET
H2 200 s53321170911846
www.bahn.de/st/b/ss/dbbahnprod/1/JS-2.23.0/ 43 B
794 B 134ms
134ms Image
image/gif 2a02:26f0:300::215:8538
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bahn.de/st/b/ss/dbbahnprod/1/JS-2.23.0/s53321170911846?AQB=1&ndh=1&pf=1&t=9%2F4%2F2024%200%3A47%3A36%204%20-120&sdid=2656258DBD972B63-5489457F713A70F3&mid=41465423381469705273363465693748436099&ce=UTF-8&ns=deutschebahn&cdp=2&pageName=bahn-de_startseite&g=https%3A%2F%2Fwww.bahn.de%2F&cc=EUR&ch=Content&c3=Anonym&v3=Anonym&c4=Content&v4=Content&c22=https%3A%2F%2Fwww.bahn.de%2F&v22=https%3A%2F%2Fwww.bahn.de%2F&c24=bahn-de_startseite&v24=bahn-de_startseite&c69=Logout&v69=Logout&c74=bahn-de_startseite&v74=bahn-de_startseite&c75=https%3A%2F%2Fwww.bahn.de%2F&v75=https%3A%2F%2Fwww.bahn.de%2F&v106=None&v110=bahn-de&v111=www.bahn.de&v112=startseite&v113=Content&v115=https%3A%2F%2Fwww.bahn.de%2F&v117=de&v118=Landscape&v119=Desktop&v120=startseite&v121=Logout&v122=Anonym&v126=false&v186=view%3Eut4.51.202404301303&v187=prd--default&v199=next-main&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FA50A5953FB37E50A4C98BC%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:300::215:8538 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 22:47:36 GMT
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 09 May 2024 22:47:36 GMT
server: jag
etag: 3683382114262777856-4618619076643303490
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, no-transform
expires: Wed, 08 May 2024 22:47:36 GMT

GET
DATA 200
OK truncated
/ 41 KB
41 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab7e8e48e44022d47aef4a0312788dd8cf3a570ac4c6259f519ece57524e3274

Request headers

Referer
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: font/woff

GET
H2 200 config.json Show response
ucm-eu.verint-cdn.com/files/sites/next-bahn-de/live/ 69 KB
6 KB 41ms
41ms Fetch
application/json 2600:9000:275d:c200:1b:1f8f:6780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ucm-eu.verint-cdn.com/files/sites/next-bahn-de/live/config.json

Requested by

Host: ucm-eu.verint-cdn.com
URL: https://ucm-eu.verint-cdn.com/files/sites/next-bahn-de/live/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:275d:c200:1b:1f8f:6780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

ec8f43b85ab76b3c2b4fd3a90cdf0a1bbcb2bb91bcd9dc00795c044e5fec8999

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 22:08:35 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
via: 1.1 012ed5015dc2306833b5abb65b3a0378.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 2341
x-powered-by: Express
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: eyAe-r5jNYEnNSphdkWpq0BbAFmaedaqkR7dhxarFHdLcRVKYYo-Iw==

GET
H2 200 customcode.js Show response
ucm-eu.verint-cdn.com/files/sites/next-bahn-de/live/ 15 KB
4 KB 42ms
40ms Script
application/javascript 2600:9000:275d:c200:1b:1f8f:6780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ucm-eu.verint-cdn.com/files/sites/next-bahn-de/live/customcode.js

Requested by

Host: ucm-eu.verint-cdn.com
URL: https://ucm-eu.verint-cdn.com/files/sites/next-bahn-de/live/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:275d:c200:1b:1f8f:6780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

6be89c46dd1a97f676060ac6d860434eedaef7acdf276a0c0c2c2b1c504d6ff6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 22:23:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
via: 1.1 012ed5015dc2306833b5abb65b3a0378.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 1457
x-powered-by: Express
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: G4RbNtC0cN1fd_I4ZFgl9CCdbIzXYlGmsqpR3WG3ofgEgXqVgNWl3A==

GET
H2 200 visitor.js Show response
ucm-eu.verint-cdn.com/files/modules/unified-websdk/1.12.0/ 40 KB
13 KB 47ms
46ms Script
application/javascript 2600:9000:275d:c200:1b:1f8f:6780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ucm-eu.verint-cdn.com/files/modules/unified-websdk/1.12.0/visitor.js

Requested by

Host: ucm-eu.verint-cdn.com
URL: https://ucm-eu.verint-cdn.com/files/sites/next-bahn-de/live/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:275d:c200:1b:1f8f:6780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

ef52bcd5bc87b8fe86531a53766cd1349e122786526091a096a8387ba8862df0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:47:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
via: 1.1 012ed5015dc2306833b5abb65b3a0378.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 2026786
x-powered-by: Express
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2592000;
x-amz-cf-id: rA6UkSBPnpSvb998GoYnTrJn2gBaSwicx3BRy2aD2evB-2IrFd8N0g==

GET
H2 200 rules-engine.js Show response
ucm-eu.verint-cdn.com/files/modules/unified-websdk/1.12.0/ 45 KB
14 KB 55ms
53ms Script
application/javascript 2600:9000:275d:c200:1b:1f8f:6780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ucm-eu.verint-cdn.com/files/modules/unified-websdk/1.12.0/rules-engine.js

Requested by

Host: ucm-eu.verint-cdn.com
URL: https://ucm-eu.verint-cdn.com/files/sites/next-bahn-de/live/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:275d:c200:1b:1f8f:6780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

0286f646346070dab11f2a95f2a2a8b9239bcb0b7e55d31b2840299937801338

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.bahn.de/
Origin: https://www.bahn.de
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 23:51:08 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
via: 1.1 012ed5015dc2306833b5abb65b3a0378.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 2415388
x-powered-by: Express
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2592000;
x-amz-cf-id: -cs074t-H5VJ9NNIaw8N8cvnVki8S-1rqXI2qgUzyeUUw9PGUSS23Q==

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
accounts.bahn.de/auth/realms/db/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: 6243ff2c-16dc-4483-9cfd-dad5290d7423.rh-sso-558ff989cb-9j22r
accounts.bahn.de/auth/realms/db/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: 6243ff2c-16dc-4483-9cfd-dad5290d7423.rh-sso-558ff989cb-9j22r
accounts.bahn.de/auth/realms/db/	1970-01-20 20:26:50	Name: IDM_SID Value: 5d3ec133-3462-4686-bce7-b1e38f7a4848
accounts.bahn.de/auth/realms/db/	1969-12-31 23:59:59	Name: TS0135fa4a Value: 0144e11a918b97f97ef8413d25b43352d1abc20fb47dff2973fa5f930ca51b3ad687fa742ace1b3ad2850042af7616527db1f0f98b
.bahn.de/	1970-01-21 05:12:24	Name: request_consent_v Value: 3
.accounts.bahn.de/	1969-12-31 23:59:59	Name: TS016c400a Value: 0144e11a918b97f97ef8413d25b43352d1abc20fb47dff2973fa5f930ca51b3ad687fa742ace1b3ad2850042af7616527db1f0f98b
accounts.bahn.de/	1969-12-31 23:59:59	Name: TS51bc32fa027 Value: 0850f34bcdab2000edacfe09cd0788c66c864b4d0ae2a50f4d0703633fe51912623c35ecdb48955508fc8673bb11300094d1563080279ad108855580daf10dc7c257e519ff487bf34a1ea11504071d33e051e66d0cde94950329fe72416a586d
.bahn.de/	1970-01-21 05:12:24	Name: _abck Value: 74B0264D65C69F8ED9BBE74FDDAB5723~-1~YAAQXYUVAtsjuk+PAQAAlAdkWguj63pGoYfLqCSID2mygjMsfDT3ALcn12hoOToValjFotBc26s4r3QJC8HiIZNrmQHbAZ0DfM4lmYlYNWZxnBRVy/7pUC0Ro5LxXvmUSqOAYxwxWCw9PKMgAixEKirHllTILNSk+kN4igVGQ8my2RxYhjQvmwzt9JSZglw+B8HFWhO8W2FnhHBN3xLVXyQawWm6Ok7YUqxlUJTDi+5EUbaDje5OE3rwHW8Cuz9+ahmwOuEXuOJgZHQBZfliuQLGc1oLWcLdcP0yaIBXtzAHbcGw/fBmtv53yAXEzeuQjLix0iJNbF1XEAgGAQz7TBidklE54a5C1YAoQwLNLoVcE5Z5P6bAULU=~-1~-1~-1
.bahn.de/	1970-01-20 20:27:02	Name: bm_sz Value: 4912220B6347A04BBF264B1348FF95BA~YAAQXYUVAtwjuk+PAQAAlAdkWhc3qSlKZTR901w93x4x5OJRjrX0BxaJQ6sv23Wy62aUqphCJwZfC8jUmdt7mjf8RST8DFWnpLVxX4h5A9E48M40gWzsBhnMMqY/fjzU7cZJIEtT4de3t6i5+JzqRaAJZI84uUmrVG1BA1+eFjz5RFFdpEXsBD7G7k2sZVrA8BVEHLr1j/OtgLS/PEZ6JZ0/wArBo1I/ROkqFaEVs0j181XiJRYxiAAAGOixUKMN6z9rsVyzqyci/XdO+YVaPhPjKoxZdJ0P1XyFCCJxaSV9hJN5sXmzIsKQtgrja8uqWLulDdgV+w7Mjko7lzr5OZDEMMSnmPIibAtBS6C5O4TXMYtvrNxFOrU=~4538675~4536116
www.bahn.de/	1969-12-31 23:59:59	Name: TS01309da6 Value: 0144e11a91694de9615c03a73e2bed26db74ab0e2b7e4688fbc1d225e2d3d6d18e744763db8168230889e77850286a7dbfba64f09f
.bahn.de/	1970-01-21 05:12:24	Name: utag_main Value: v_id:018f5a6405ad0013b168e68dbd090506f001406700b08$_sn:1$_se:1%3Bexp-session$_ss:1%3Bexp-session$_st:1715210255598%3Bexp-session$ses_id:1715208455598%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:bahn.de
.bahn.de/	1970-01-21 06:02:48	Name: s_ecid Value: MCMID%7C41465423381469705273363465693748436099
.bahn.de/	1969-12-31 23:59:59	Name: AMCVS_5FA50A5953FB37E50A4C98BC%40AdobeOrg Value: 1
.bahn.de/	1970-01-21 06:02:48	Name: AMCV_5FA50A5953FB37E50A4C98BC%40AdobeOrg Value: 179643557%7CMCIDTS%7C19852%7CMCMID%7C41465423381469705273363465693748436099%7CMCAID%7CNONE%7CMCOPTOUT-1715215656s%7CNONE%7CvVersion%7C5.5.0
.bahn.de/	1969-12-31 23:59:59	Name: s_cc Value: true
.bahn.de/	1970-01-20 20:26:50	Name: uws_session Value: %7B%22start%22%3A1715208456775%2C%22count%22%3A1%2C%22referrer%22%3A%22%22%7D%7Csession_timeout
.bahn.de/	1970-01-20 20:26:50	Name: uws_story_Start_Server_Recording Value: %7B%22done%22%3Afalse%2C%22stopped%22%3Atrue%7D%7Csession_timeout
.bahn.de/	1970-01-20 20:36:53	Name: uws_visitor Value: %7B%22vid%22%3A%22171520845677737149%22%2C%22start%22%3A1715208456775%2C%22count%22%3A1%7D%7C1722984456801
.bahn.de/	1970-01-20 20:26:50	Name: uws_rate_comparators Value: %7B%22global%22%3A0.28599622511049416%2C%22Start_Record_StartSeite%22%3A0.7869513085475188%7D%7Csession_timeout
.bahn.de/	1970-01-20 20:26:50	Name: uws_story_Start_Record_StartSeite Value: %7B%22done%22%3Afalse%2C%22stopped%22%3Atrue%7D%7Csession_timeout

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.jsctool.com https://jsctool.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net https://dbstreckenagent.de https://www.dbstreckenagent.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://assets.static-bahn.de https://.bahn.de https://assets-ri.extranet.deutschebahn.com https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.bahn.de
assets.static-bahn.de
cdn.optimizely.com
cms.static-bahn.de
ucm-eu.verint-cdn.com
www.bahn.de
2600:9000:20eb:4a00:c:198:5740:93a1
2600:9000:275d:c200:1b:1f8f:6780:93a1
2a02:26f0:12d:59b::13b8
2a02:26f0:12d::b819:ef22
2a02:26f0:300::215:852a
2a02:26f0:300::215:8538
2a02:26f0:300::215:8561
004967ab6f2dd731073b766dfb6851a8d53e426caf6b1742f1e76efaed342886
0066d04dbc28eda02014d306069d0e715b72dd18d58e846e91db58415030b65c
00c79bb45f16f5ed4acb22b39a2827c0e6ed8c2bf46859136d1a7fc2b9841fea
014c0f1b026c611b5681e75f531da9deba799fbca1327049fb85e37b3dc3caa4
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01efa399098291b179fd194e4f65ae66d579b3e29c8c513dc636964c70e4fdf8
0286f646346070dab11f2a95f2a2a8b9239bcb0b7e55d31b2840299937801338
04b55c1084ea7cb15f8e38d40927d2403f368f3ccee6facebd3d2ceb8579672d
04d77e96123acad39218d4f233407f503b585555cbf091164a7cead2ec0c2cb7
06cf824673d5888d09c47f0097680a07ccd568ba3f9f636dd4b1addf612a4d55
0cef0a9b83051ef44ae89fb695fdeacab7328784d18c9ff86adad485f80cf408
0e2fb2fa919688694a9e78981ffe2471094402e3e4b7918038f3eef7e9b07bd5
143149f2ee19257377ea6a0b58d25f2e9fe32998540ef0b62a878254684a3741
173443422d73fc3154ad5f94f6d32d2050face316e65084b1fe18fe31721df62
192f5d45731ec93d84951c1a6c410bf0bd7db929c1b2bc18b8291613f3afe32f
19408d7a6fb05e3a6c40c69928b61de0174e1ab68f6de54dba3d2de212fea4d9
197be260b9d7d1e294764119d0d174c910b9bf0d15a18ffb9db1df2680b975f3
1a3a19f77ff8c267850a693e68799808c9a0c08c26788f456916ac21a8ded18c
1e58256994b5c73f921e675cd5e8d9ce7f11bbd0d1ef9e1a5e084b4d415befb7
204b5cf20139fc5254054b95f65dd187944afca26abf8eee2146791a6ac19c60
210d9a7bba4b10aa8d86b8ca9ebe1e50b473a174dc6188f1e8954b2c51d9d23a
211809cce3f0505b31704d838afbf4622730f9bf7986795558a7ae5c17027425
21839a7404f2f6c58da0e2eb4dd97153566ade111226822bc05813e05770cafa
220b416e922cf74f723ea3d607444f68e8237d0d5bebe2792b983afa53a2f0d7
2458351cc8d5d1e8921d69120dccbd6f2d3e1c31acccb904e883775cb480ef60
258918f5b1303525ef92c4669c1c14554f64c9985f91be3ab47ce03e3b525bcc
25b446bf901432eefb4047afd6a4a27165e3526f8e3b3e5f69ad29024813940a
265dcd2509dd48b16fca1aaedc51c9c82b5135691427d5019fb298cbadae695f
27ef68d60fd0abbd4450c9a09342531bc7c796ad48b0adc55343d4df8960675f
27ff84192a5142bb4ba2d8e18c05c01cdd4a09c94ccded6dcff31c2c60bcb1c5
28a5fef91750c140b3fb9f042aa9fff90e80dbba9eb4219aa5b16e5ead9f4bca
2a24228bfdb093197e68e3b3753a1a880281c1b59625769aa0f09abe62e8c2a5
2a45893c7b6806665477b7530618bfeb57bafe65efe22af8e76e86d6dd86f2cd
2be38824f3db08b3d90bca54546e159ab042d746effce57a883846281a8c84e3
2d0dbcdfda50e2896e4dd817128a2fcf1c55190a4e5f03277957121955a32f1f
2dd4d82d49830f1ee0ab6ce029972f024f33bd7c58f9b3856718efdb1b794dfd
338ea6262fda802bb8facff37e4961a3162ab8b896a75bbe226838da5f5cc0ff
33aa18a037a28bd3ab6187a5bdb0c4062eaee040e706826d492b510484169005
34ecee46af783ee46f68ba810d9d7785d383fe959de7bd791f779a6ec58737ad
3560a5fb67a08c7c7ad059b361447ae57b4ac76d25de42f80dc09f9c6945ccca
3642e102f0c113239ba3b8f917b6888d3311a89380e2011593d184f8f91cdff0
373a2b8e9bfaf125d489f8ca800ee9ac6176143c86c406fcb2405b35334be414
375cdec0891e3305dd9576e70d3faf2a2dac3a3b31dff5f9a18d266f1d62160b
385b89f7813e4dbf690ea1864d81549e33592c4e36c1f78de6b929cf7b8dfc66
39a8afd2ac324ec8f3be4b639ff479708afe857427c8dbf74f9f62d553791bf2
3a76f0f1844df1599be4e4dc80baf0d0e3da35efc055240baf5b664fc154977d
3cc0160cdcad11e31cef565dd05fa243876ad016729919313e7bb332f896f2b7
40caaaad6a98cd6b7b37d35272af677708739579a0797368db15f3fa609a3575
427c007948dae78425eb325ecbe8dfe51d93516711b1ffdee31d41b1b163f7ca
4441d9d5d1f0a51d1311fe792fa8abd1b7ccfad1523d4e89799af9b3b72426a5
46ce05d42c0ace6157a2a88e54fee3c5de0527ba259f3964c650f4c0b8114e9c
4882bbe3f7624e6407051a9d6cc9c1f37bfa83724b35937881fda5fd691066d4
4b164f6be3426bc00a48e20dc693e712eb9bed0dbf159ffebc63809457e45c65
4b74b758dfd44e887d3d43df059a4ad5113329024784a7bf36fe5fdc63cd17dd
4bc5adae22d6c1d057cfd9435723322eeaa897ae330eec41329752b00a5dcdc0
4c28619f0cf11535054788011fb543777442395592bb81944e3e857aab8c5294
4cafe07adab1093df75744bb7e9b011f42b8fede68649b07829c911258affb69
4d3e332b6cc31aa9a5c958ec9c18bd9bb905ea4baae7cc1d36ec6b418ee1301b
514e294bf4ee77e893266ece4b92cc59a3abd5b4845c654d2680a21bf4bd643d
5151aad810688882f8bb5afb431e9e0f94b5009fce58b7d857e1a6e4057a0d2d
51d8ab5fac5605bfcfc3ba4693985faa28e54b8c9a183c76bc4428bd50ea6d4b
529f6f9ba1053e1105749bc113e0e86d5417818ee2f7ae901d831cceeeb8d637
54e7888936058ff45d9a9ca95a318524e78ba840ec4179e5bb360fcdaac4ce16
5584fe2257cfa5c4adb5512df868b82272393a03b87f977730f8084b5c393e2c
56ddc25bbc65463a8d98984ac0d5d6e99605a38f0e5d49e4d8c66dac50496d60
5ae6c5fab9d3f0beef50b980ba992905dae3f2b813f36fd177e2eb52921a277a
5d855dc21f87141f48888da6ac62e67a5bc284aa93fd70f8b399376b79310be6
5d9306f5f844bdca438a99633a6ab1e553e33635d363c533897ceb536698d9e7
5eba9ee84cbc0311ceddfaa9fd932e96becba899902404e9ad51672605bce216
60773b125955e3eb37db37973fffd72f5688d9820ef841db0c0dcb3f257653ae
611f5e000898b180a1c311a2e94ce5fa3ab9e76da84fb515c2431add89eb5d4d
633f9991eab769db4706b9e33dfb63a5ccb336271371493653ec1be2a29ed7a9
652ad7f468f93d43326e59a022055342bc1ca44808c995bea48ee851eade67c1
65638b0cc7e3892ede81570b01f5acf512a0d4605144c54da5dea8ac64746783
67607fb6eb08f13f65d4f9ce0e2f5905b1d89342ebc1c4cc5db9e9ca3bd7e488
6be89c46dd1a97f676060ac6d860434eedaef7acdf276a0c0c2c2b1c504d6ff6
6d09e9c5dc538130bf3618b6bbc74be5ae6f87fb4edee4cdd3be01c816ca551e
6e7a8d4782a14c78a36858186a2d8670332fd378b415323d6d584f82e57dbe14
6f24a5497631c6bb99fae9e1451083458a26b3b254bf6363dc0ae7d452331ef1
6f2d3708586e94b4ffe4949dd601067202e0f96ee3a374d10dc52e9ab23dae6d
71533b86b1df191c77d6e8558ab1a3498806c6486e2f3a48e560bb70fb94e67d
716bf759b8cd9cd168993e5b85ebff782757a5e893919af8ec9940bd114e75dd
738a937814b16c9786316517534ff447d6ee32d009d61413421626c7e1843824
7526eddf42c1e1ae73b612e013d5bfc9969fb9bc0b294069fd46a9648c864166
762d5b826682d6b65116529b53784bf2bb11e67323dd3df1ff95860091d7d94f
76c345052452f884322c0636936cdf5d1c11cadce6bb4277d21c16917d554387
7a622774572df2f736091c5e69ce7457e2f64cbe614470868bd425e06a59d6c7
7a9cb2ac70fc688da3e04d190491bedce59ba8e56dd750c85763962cc5b0e5ea
7aed557141c727f4fe2aef5da1db65af23b6aa141ba34af7c9e3e30bef269a3f
7d2116fd30de52f8b9bc6240cd6149729ea84bf94b91f08084c8cc5c549ec0b2
7e35cbfaece66e0dca05e020ba1b9cbdd130e10107c67676195897faaf4b0327
8086f37b2fef5219c0b43c66e419e6e1825aabd68be129ed32a07ed15a5a594b
80da003d8010021f3babdeafc674e173263d44a224d742b2499ea57e5ef09b19
83a5bb7bdaa353808b4f3aa7db7c6fa91093cb3a20b2e336c625fd069c5f6346
85579e9fbeab0e4943893ca363ea25d026cad8f601d80989b276a99a36b99295
857894e2a3a8dd0864f295ad83057fb26142f56ff77184359a333e9e07d25c6e
86244ba69fd89e08d2dabf360bf9ba78d8a799795a93942f83ea095a720481cd
86ef238beb68dc97f97be457bf5094542a89934da1adcd83115ab557bd99057a
8748ba4fb85bb50d55ea83d11395be03d76f9f6f2e9a029f13efaa63099f8d69
879ad41fe324132d417ec981c236357c073d0f2700d40e2be0a5563952c6c401
8820e5156cf08b4f9ef783359c1bc6d4d747d12513161a9d0f5db2e3fd11abb3
8a6d798d171933d7cb16c4e5df8194f23569ac9ede113a16bd3de3916616414b
8ae6c6ea455ff9ce56e7fb2200240a9ab9a6a49b7cc19df1f51669ae3c4185a8
8d0e87a4300fddf79fe78665c5ac1822beb06803ea14e5a697eba36975766c7d
8d5865f67a25e1a395c3acff873f8a053bf8e1ee45028fce3de94348d92c8705
8e98817007224a224ca67ccfafddc4ffbb34cccc9d4aca5c385ebb787999335d
8edb1db5aaee3ed9a0dc9d75057798d926271da0af1dc716d96018c2e11c158d
8f1f403ed1cdba25f13aa798234e5d377bf61f8ee50ff04400f46042921790b2
8fd8c3260ca4a8bf8523489dc6aa2bd71461129b8cb3e5f83e1d147a962fed39
907680fd194972ba0ef70bf04366ca4c16f09c45e23cc2ae53cde4b363efaef8
90a753324cb9928cffea4988e539d2ea6e3819e967f222046a2f636a13f5bd9a
912f72ef0e7d968042a4f734472209746b2cd56b4d0f1fb5cb49d88f6efa22d5
91d41722669cebe9c974d9a3eb39185f6e1777d4bd71eb6f312a2ab888965504
95f9be4ee6ea59c275929d62878515273ee7162920a46a10cccaf46b8f8da07d
9933184f53725c1fe496747ae093a2aa7f99d8e3824f8de45dd1fca12b0bbd5c
9a2184e3ec01e0c32eed4c0fd81073b6781e065e6dc984e3661f705bb0769bce
9ba7319051bb586b77a46b5aa7a664f577f1e95a78be1129f12476deeef241c7
9efb40da7dd0ab826404bcc9147b25071414fc77fd1dece6a04f0c31e30e67fc
9f86de1cc44cc293f3d0249f0da5c36677c1e87299d44b6c7abd467ea04b58ce
a1c1f1d901d7ce0576d7a7626b6262d032a6a9a746f255e3f5f7369fccfbaccd
a1ec4c402d6fc597a0760fee2dbf3365a1fc14e026222d265607ed458da07e3e
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a1ecf62e0bb296063d41d01e75a6603cd174c2ad0813bfcf1e01acc379507e44
a217d4782d409d6a264908367f91ebed4ccd62d8e7a645b68eda7c09e4ab49c9
a30e6d88034ba9769cf08be9b3069814dfaf577fde4ad1d887b54abc2cdae057
a319a38ae4886fc5462061ec503399e572c0625e2889ae06b580d944acc2964f
a331c090244f7164c5dd3ee9c40ea596093064c87a6a4c2f7cf7abf81fcc1f92
a5336d82ab214d113e6bd0ba2794ae62eaf283a6bc39c6c7cc4a1baca224e661
a55e2ac9fba134d313f28d7b7c229fc100b34406dae3951f6459b5e1de8bb492
a60a6064ac1724bb0abd0c82cc440ed072cb972ec5262430b5b42c7c859d37d1
a8a95996d20de1d5f2fdaf84cedcadd36419ef637be861039015e672a9f2dd3a
aa003146314e833d98e6960fc6f1da38870c720ea6ea87e22082be760706dc8e
aa345cb347ef58f008d9e8780af8f74a5ca75338f22ae9c410bac246f3e5597e
ab7e8e48e44022d47aef4a0312788dd8cf3a570ac4c6259f519ece57524e3274
ae0400d6155fbbd61c93d4f5546e8a2e6c96f6aed576f5728f8500e8e9f6f816
ae6437221e0cef17894d59e7f9015160410e340e88b182a979f1073e228927ad
ae848778968551e1459350c0df660126501385502483b3a85ce65a946d68ee37
b090eb06856e001c85fa864b691ec22f6ed57a33a7c2cbff570fc152499adb91
b40b563fca91e5d56d1e5301aac6b997c26840dd2708cd413ee11ff19f59e727
b432b7ab78b80c49e0893b5e1fb1c59a4a3341553f9617b628b34efcab3cff4c
b61d3eb82c569582d5a2a5347397b81cd9b5412eeb8821ab08c76fa290937ffc
b76a5e8ca4f9a0e58f9eb8b3c80c47dd7cf499386bfd8078f4e842b712324a6f
b7b9dbe5bf7f45efceda6277e79783f1a3bb3a1812171a9e4bbbfbecb7a22ffa
bab9a90d183e8a4e919ac8909444e208bf7b064c8374de3e4625b27067e5ac61
bae8bf6467be2976864f9c450716c1b96536fc2bcaacab3fd5685d9a02684f6d
bc25addd219ee127babf8f983627baefcceb59f88331ca84d393b9fc619c5e7e
bdfa292c3a19c2830c0660ecac1a9f60527b662e152c44473fb51adbbf1e6683
bf434869ef5002c11f985c79e23e2fb66528ab6bf73364160bd7ffbaab434987
c28453dbea601b3c76b8498085f92b614d19362c22ba1f27023a02b978d10d70
c2be139b6050da9378be40d66b19404cbb665e6f1af561da0acbd4953e21a1d2
c5f6069240f95b88827d5b71689ed78819fd93c273e69f08fd0332ba3692efdf
c63a931c0e0e324e65626ddcced4219bc85111d5c99d0fec9fa83b8825cac3fb
ceaa222c835bc24656a8278777b14d42ed467fee3686748685f81aa22a1c6b02
cf34841538378b7921bc20edf8729ccd1089e6c1cfd52b0555d23c64be50d1b8
cf6dba6a0e981046bf556ab96231583791e3e7358060a9d54dfabd66ba9ead50
cfcf08248a4e336e582207b7f7420b692a6d65f502fe84145d8db244cfcf27f6
d131fe598551c93fc807718be8464d5600ebd0cc80cb4b2a468867cc6e8e76a2
d13b72b65d430069f487c0b543168b4a461226c247284d4a4f74bbcd06265b2f
d2f58a2c768e5ad894a1cee0669cd37e34a837dbb9c20ee2136ace78274ff010
d456803897777a04591a7ca0b8e5eac005632bd55d1808df1c357fccc768b894
d4a12bfe11a7d7d3583f434e8c94c6bb9ccb7a1f2421e45d32f5de9ec0c40467
d7de0a29a1e43569614f34623cf022cd3e4ccb7d4468c918c1b7e48e0494ecc6
d7e2bab11b50ac3cb65eb4e1a6d7b0a5722194cdc4c31e9760cd6a577350d536
d9d4454e6f2dc22c28944252fc2787e6592560e6bbdf3edb1e6532734ba774b5
da1617a9a8adfeacee06c6271bcc53eb9017109ad3e1125488d676190dc5affe
dd4e56fa46b15f31718eae73fc5cf14725d0cacd4d8019b83a3d50ff913c86c0
dd7e7c1a5eaab70a889019d8cd88d751a80c9350738d0fbbf46b08d2a1899afa
dfd2a379d47c84d2fb258a52c0dab620bccbb859e30d498946182208bbae2bc6
e0c58646f6d51cae4b6a321a4cda8506061527ec8ed23b7bd6ecf3467e99a0e4
e305d77ed7a06fbad0cab87fd095f513526e28a7c99e3859e2c444de4753d8c3
e349f08ef2bbd0b0cbf65b912d0d1a9a6409253b7ab8e979473e0c3ce5deea07
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b61a0d1104a1e7143331130d523d2818cd93b466fbafd28034250ad09f7522
e4f1933dcf746c91fc82671cdf9e2c2d5f8c2639b77a6e91038933f25ac70cde
e559ae34f073280668b0fac759df52e7584129f374ee60746a287f58cc12d4c8
e582ac1d79997c9b6e4fcd3caa512596220afc40204e8a0defcb125077e7385d
e5c0559b6c07d59124a7fd2061611b0812abc4338098f58cc3fe6946d55e1d1e
e80dcdfd8f76d76717c9191b4b8020e423cad538e903385737a1ec28843e2e47
e94b47b3b0142c403bc3d0de6405034f8702c54210ee91087d22ccca219f90a5
e94fd1ed3600db4519cb4ce424ba54b5a66af4268724e32091df5fff7821f942
ebd2c53dc1e1739c079620657c5ac09d27d9772bb325b972d1db0f354774fb19
ec1c67a9fef8b807e48714e39308b2609a2b799e5ec667d1957bf4d2c056bd7c
ec8f43b85ab76b3c2b4fd3a90cdf0a1bbcb2bb91bcd9dc00795c044e5fec8999
ece45ab8aa231404e7938578a027453ff8f52d0365fd3a4c2289bf64c4b6e67e
ececb2707d82361eb570df465a60b66f32a1b7fac9baff8d981dc8682a1e961f
edec089a1a2210a73e489c702936ae7f5cc480ee0bfdf09403ffd85f430622bb
edf94f19f202c505f9427d440a197c0f989994cca0a873aff1ffcdeeb9f52b6a
ef52bcd5bc87b8fe86531a53766cd1349e122786526091a096a8387ba8862df0
efb6f8479192826d16401c81a6d66e06b75793cf696d4cd917084715316a4df8
f2038322f044499999135b7fe0be268ce9a24d23dc1b7bb1c6e3f04d4b9c7bc2
f3a42a7403c2993d0f0bfa86b2d6d55a11c0e3e6af1d2f496d6b775eeaaf9232
f3afeec7a3467730b04d8530c6d755ae05975e97e37b88ebf27576feb8453b5b
f4a6283ade3ba1e9300f5a9bc9593c32f246ad33adaa33011422c668b89db486
f7c24dba7a46112b0f5d36478b8329b6cb76304b48a1b8395b2c4b32b838ac1f
f869b9fdde669c6405c2fd97db45b3cd38dd47e58aa55ffc5669053856cdce9d
f86b7533b07ecafb472c3cdf573d1a052354eeed03d44e3e730cc63237b0444c
f87dda9c669d99efeea2a967805a174e7c735f3b5fcc7e30d23b004e4728ddd3
f9b1ffa90a3c6f1dbc9c971f4c141e52d94eb568d79ba10c01422be1f209a5f0
fa6ad67c6f74af5e89f3b43dcb2c7eaf2c3051e2150787f66ccd5d3d594bea39
fd53ef283f7382e7b9dfea79e1815d9456979d52efe05f942f51741c29b01443
ff5f844f63356d67d95c505ca673f7fc0d6e9443cb816cd5fc08e53703df9a2b
ff72daf17cb9cfabfbc9903680a3cf8ec891f797435c0438197bccf93c0c5d4a

www.bahn.de Open in urlscan Pro 2a02:26f0:300::215:8538 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

188 Requests

99 %HTTPS

100 %IPv6

4 Domains

6 Subdomains

7 IPs

2 Countries

2169 kBTransfer

4645 kBSize

20 Cookies

19 Outgoing links

Page URL History

Redirected requests

188 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 19 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bahn.de Open in urlscan Pro
2a02:26f0:300::215:8538 Public Scan

Screenshot
Live screenshot

Full Image

188
Requests

99 %
HTTPS

100 %
IPv6

4
Domains

6
Subdomains

7
IPs

2
Countries

2169 kB
Transfer

4645 kB
Size

20
Cookies

188 HTTP transactions
19 data transactions