www.bahn.de Open in urlscan Pro
95.101.148.133 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.bahn.de/buchung/fahrplan/suche#sts=true&so=Lahr(Schwarzw)&zo=Offenburg&kl=2&r=13:16:KLASSENLOS:1&soid=A%...
Effective URL:
https://www.bahn.de/buchung/fahrplan/suche
Submission: On November 27 via manual (November 27th 2023, 11:47:46 am UTC) from DE — Scanned from DE

Summary HTTP 164 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 2 domains to perform 164 HTTP transactions. The main IP is 95.101.148.133, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.bahn.de. The Cisco Umbrella rank of the primary domain is 40208.
TLS certificate: Issued by DigiCert Global CA G2 on March 1st 2023. Valid for: a year.

This is the only time www.bahn.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
153	95.101.148.133 95.101.148.133	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a02:26f0:480... 2a02:26f0:480:23::1726:6283	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2600:9000:214... 2600:9000:214f:2400:c:198:5740:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	81.200.195.195 81.200.195.195	34156 (BAHN-AS-BLN) (BAHN-AS-BLN)
164	5

153 95.101.148.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-133.deploy.static.akamaitechnologies.com

www.bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:480:23::1726:6283 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.static-bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:214f:2400:c:198:5740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cms.static-bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.200.195.195 (Frankfurt am Main, Germany) 1 redirects

ASN34156 (BAHN-AS-BLN, DE)

accounts.bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
155	bahn.de 1 redirects www.bahn.de — Cisco Umbrella Rank: 40208 accounts.bahn.de — Cisco Umbrella Rank: 65361	2 MB
10	static-bahn.de assets.static-bahn.de — Cisco Umbrella Rank: 103548 cms.static-bahn.de — Cisco Umbrella Rank: 97657	244 KB
164	2

	Domain	Requested by
153	www.bahn.de	www.bahn.de cms.static-bahn.de
6	cms.static-bahn.de	www.bahn.de cms.static-bahn.de
4	assets.static-bahn.de	www.bahn.de
2	accounts.bahn.de	1 redirects www.bahn.de
164	4

This site contains links to these domains. Also see Links.

Domain
int.bahn.de
www.deutschebahn.com

Subject Issuer	Validity	Valid
www.bahn.de DigiCert Global CA G2	`2023-03-01` - `2024-03-31`	a year	crt.sh
subsites.bahn.de R3	`2023-10-30` - `2024-01-28`	3 months	crt.sh
cms.static-bahn.de Amazon RSA 2048 M02	`2023-09-23` - `2024-10-21`	a year	crt.sh
idm.dbv.service.deutschebahn.com R3	`2023-10-11` - `2024-01-09`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.bahn.de/buchung/fahrplan/suche
Frame ID: FFC45F13479501F19221A610285106DA
Requests: 174 HTTP requests in this frame

Frame: https://www.bahn.de/.resources/bahn-common/webresources/storage/index.html
Frame ID: 4176CC3EED663893AF843D38331AE641
Requests: 1 HTTP requests in this frame

Frame: https://www.bahn.de/.resources/bahn-common-light/webresources/assets/html/auth.v1.html
Frame ID: 518D9651E646DA180181B6409F788A98
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hinfahrt

Page Statistics

164
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

4
Subdomains

5
IPs

2
Countries

2310 kB
Transfer

8126 kB
Size

13
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://int.bahn.de/cs/buchung/fahrplan/suche#sts=true&so=Lahr(Schwarzw)&zo=Offenburg&kl=2&r=13:16:KLASSENLOS:1&soid=A%3D1%40O%3DLahr(Schwarzw)%40X%3D7834737%40Y%3D48340436%40U%3D80%40L%3D8003494%40B%3D1%40p%3D1700685770%40&zoid=A%3D1%40O%3DOffenburg%40X%3D7946725%40Y%3D48476479%40U%3D80%40L%3D8000290%40B%3D1%40p%3D1700685770%40&sot=ST&zot=ST&soei=8003494&zoei=8000290&hd=2023-11-30T12:08:13&rd=2023-12-01T12:00:00&hza=D&rza=D&ar=false&s=true&d=false&hz=%5B%5D&fm=false&bp=false
Title: Český Sprache wechseln: Český

Search URL Search Domain Scan URL

URL: https://int.bahn.de/da/buchung/fahrplan/suche#sts=true&so=Lahr(Schwarzw)&zo=Offenburg&kl=2&r=13:16:KLASSENLOS:1&soid=A%3D1%40O%3DLahr(Schwarzw)%40X%3D7834737%40Y%3D48340436%40U%3D80%40L%3D8003494%40B%3D1%40p%3D1700685770%40&zoid=A%3D1%40O%3DOffenburg%40X%3D7946725%40Y%3D48476479%40U%3D80%40L%3D8000290%40B%3D1%40p%3D1700685770%40&sot=ST&zot=ST&soei=8003494&zoei=8000290&hd=2023-11-30T12:08:13&rd=2023-12-01T12:00:00&hza=D&rza=D&ar=false&s=true&d=false&hz=%5B%5D&fm=false&bp=false
Title: Dansk Sprache wechseln: Dansk

Search URL Search Domain Scan URL

URL: https://int.bahn.de/en/buchung/fahrplan/suche#sts=true&so=Lahr(Schwarzw)&zo=Offenburg&kl=2&r=13:16:KLASSENLOS:1&soid=A%3D1%40O%3DLahr(Schwarzw)%40X%3D7834737%40Y%3D48340436%40U%3D80%40L%3D8003494%40B%3D1%40p%3D1700685770%40&zoid=A%3D1%40O%3DOffenburg%40X%3D7946725%40Y%3D48476479%40U%3D80%40L%3D8000290%40B%3D1%40p%3D1700685770%40&sot=ST&zot=ST&soei=8003494&zoei=8000290&hd=2023-11-30T12:08:13&rd=2023-12-01T12:00:00&hza=D&rza=D&ar=false&s=true&d=false&hz=%5B%5D&fm=false&bp=false
Title: English Sprache wechseln: English

Search URL Search Domain Scan URL

URL: https://int.bahn.de/es/buchung/fahrplan/suche#sts=true&so=Lahr(Schwarzw)&zo=Offenburg&kl=2&r=13:16:KLASSENLOS:1&soid=A%3D1%40O%3DLahr(Schwarzw)%40X%3D7834737%40Y%3D48340436%40U%3D80%40L%3D8003494%40B%3D1%40p%3D1700685770%40&zoid=A%3D1%40O%3DOffenburg%40X%3D7946725%40Y%3D48476479%40U%3D80%40L%3D8000290%40B%3D1%40p%3D1700685770%40&sot=ST&zot=ST&soei=8003494&zoei=8000290&hd=2023-11-30T12:08:13&rd=2023-12-01T12:00:00&hza=D&rza=D&ar=false&s=true&d=false&hz=%5B%5D&fm=false&bp=false
Title: Español Sprache wechseln: Español

Search URL Search Domain Scan URL

URL: https://int.bahn.de/fr/buchung/fahrplan/suche#sts=true&so=Lahr(Schwarzw)&zo=Offenburg&kl=2&r=13:16:KLASSENLOS:1&soid=A%3D1%40O%3DLahr(Schwarzw)%40X%3D7834737%40Y%3D48340436%40U%3D80%40L%3D8003494%40B%3D1%40p%3D1700685770%40&zoid=A%3D1%40O%3DOffenburg%40X%3D7946725%40Y%3D48476479%40U%3D80%40L%3D8000290%40B%3D1%40p%3D1700685770%40&sot=ST&zot=ST&soei=8003494&zoei=8000290&hd=2023-11-30T12:08:13&rd=2023-12-01T12:00:00&hza=D&rza=D&ar=false&s=true&d=false&hz=%5B%5D&fm=false&bp=false
Title: Français Sprache wechseln: Français

Search URL Search Domain Scan URL

URL: https://int.bahn.de/it/buchung/fahrplan/suche#sts=true&so=Lahr(Schwarzw)&zo=Offenburg&kl=2&r=13:16:KLASSENLOS:1&soid=A%3D1%40O%3DLahr(Schwarzw)%40X%3D7834737%40Y%3D48340436%40U%3D80%40L%3D8003494%40B%3D1%40p%3D1700685770%40&zoid=A%3D1%40O%3DOffenburg%40X%3D7946725%40Y%3D48476479%40U%3D80%40L%3D8000290%40B%3D1%40p%3D1700685770%40&sot=ST&zot=ST&soei=8003494&zoei=8000290&hd=2023-11-30T12:08:13&rd=2023-12-01T12:00:00&hza=D&rza=D&ar=false&s=true&d=false&hz=%5B%5D&fm=false&bp=false
Title: Italiano Sprache wechseln: Italiano

Search URL Search Domain Scan URL

URL: https://int.bahn.de/nl/buchung/fahrplan/suche#sts=true&so=Lahr(Schwarzw)&zo=Offenburg&kl=2&r=13:16:KLASSENLOS:1&soid=A%3D1%40O%3DLahr(Schwarzw)%40X%3D7834737%40Y%3D48340436%40U%3D80%40L%3D8003494%40B%3D1%40p%3D1700685770%40&zoid=A%3D1%40O%3DOffenburg%40X%3D7946725%40Y%3D48476479%40U%3D80%40L%3D8000290%40B%3D1%40p%3D1700685770%40&sot=ST&zot=ST&soei=8003494&zoei=8000290&hd=2023-11-30T12:08:13&rd=2023-12-01T12:00:00&hza=D&rza=D&ar=false&s=true&d=false&hz=%5B%5D&fm=false&bp=false
Title: Nederlands Sprache wechseln: Nederlands

Search URL Search Domain Scan URL

URL: https://int.bahn.de/pl/buchung/fahrplan/suche#sts=true&so=Lahr(Schwarzw)&zo=Offenburg&kl=2&r=13:16:KLASSENLOS:1&soid=A%3D1%40O%3DLahr(Schwarzw)%40X%3D7834737%40Y%3D48340436%40U%3D80%40L%3D8003494%40B%3D1%40p%3D1700685770%40&zoid=A%3D1%40O%3DOffenburg%40X%3D7946725%40Y%3D48476479%40U%3D80%40L%3D8000290%40B%3D1%40p%3D1700685770%40&sot=ST&zot=ST&soei=8003494&zoei=8000290&hd=2023-11-30T12:08:13&rd=2023-12-01T12:00:00&hza=D&rza=D&ar=false&s=true&d=false&hz=%5B%5D&fm=false&bp=false
Title: Polski Sprache wechseln: Polski

Search URL Search Domain Scan URL

URL: https://www.deutschebahn.com/de
Title: Konzern Weitere Informationen: Konzern

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/auth?redirect_uri=https%3A%2F%2Fwww.bahn.de%2F.resources%2Fbahn-common-light%2Fwebresources%2Fassets%2Fhtml%2Fauth.v1.html&client_id=kf_web&response_type=code&state=1goe6z9hZ5&scope=openid%20vendo&response_mode=fragment&prompt=none&code_challenge=pamSGVWF58r-5SCytRQPRZ7VWy8s7DhoxKyg_q_OfT0&code_challenge_method=S256 HTTP 302
https://www.bahn.de/.resources/bahn-common-light/webresources/assets/html/auth.v1.html

164 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request suche Show response
www.bahn.de/buchung/fahrplan/ 27 KB
9 KB 60ms
16ms Document
text/html 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/buchung/fahrplan/suche

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

829682c1ce65385e15545eb3ffcfd199c469a4bb90a8eb61b8a7b53f076378a1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=64
content-encoding: gzip
content-length: 6513
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-type: text/html;charset=UTF-8
date: Mon, 27 Nov 2023 11:47:37 GMT
expires: Mon, 27 Nov 2023 11:48:41 GMT
last-modified: Mon, 27 Nov 2023 11:43:12 GMT
server-timing: intid;desc=dbd345b406bfe775
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 asyncServices.210007f5d04e487385f5.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 28 KB
12 KB 105ms
104ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/asyncServices.210007f5d04e487385f5.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

4b7ba8961733ed7ff0924f59e45c62d8fd6e050fc92596580e7b8a9d53ec4e93

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/buchung/fahrplan/suche
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:37 GMT
last-modified: Tue, 14 Nov 2023 18:59:46 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=55e41677ee375771
content-length: 10061
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 11:47:37 GMT

GET
H2 200 auth.c30e9b639e42765d29c2.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 2 MB
392 KB 118ms
117ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/auth.c30e9b639e42765d29c2.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

816268916c196472db74215ed31342f7affbd96373ab15ff1998a4370ef26e91

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/buchung/fahrplan/suche
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:37 GMT
last-modified: Tue, 14 Nov 2023 18:59:46 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=b6312772b391eb85
content-length: 398421
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 11:47:37 GMT

GET
H2 200 main.3cfce322e15a54405675.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 239 KB
143 KB 65ms
64ms Stylesheet
text/css 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/main.3cfce322e15a54405675.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

a26d6baa1a5e064d607db7964dd1364a1fc7259d90ba6d65591fe04a806ac131

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/buchung/fahrplan/suche
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:37 GMT
last-modified: Wed, 11 Oct 2023 15:34:56 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=780fd6edd9651a21
content-length: 144064
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 11:47:37 GMT

GET
H2 200 link-list.bb4d54ec0edc2a358c6a.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 955 B
2 KB 103ms
102ms Stylesheet
text/css 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/link-list.bb4d54ec0edc2a358c6a.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

a6c15f31adf98b1b6d38c8b1afb9113630e7730b29ca1381f069cb31099d8a6b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/buchung/fahrplan/suche
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:37 GMT
last-modified: Fri, 22 Sep 2023 07:01:59 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=6870eb1994e9b085
content-length: 278
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 11:47:37 GMT

GET
H2 200 highlight-icon.b34247ef4d51c10c0c47.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 28 KB
10 KB 103ms
103ms Stylesheet
text/css 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/highlight-icon.b34247ef4d51c10c0c47.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

4a99e4fd02590f62df0fad869eb24cd14358e36433bc6c891c2dd07a11b33dd5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/buchung/fahrplan/suche
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:37 GMT
last-modified: Fri, 22 Sep 2023 07:01:59 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=b20319964ae672f9
content-length: 8451
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 11:47:37 GMT

GET
H2 200 business.1d1f0790e5cf0b9ce32b.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 3 KB
3 KB 104ms
103ms Stylesheet
text/css 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/business.1d1f0790e5cf0b9ce32b.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

5d7f7c81dcf84f3c857053816c76333720a88fadcc1f9139ae45d447e0bcb1f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/buchung/fahrplan/suche
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:37 GMT
last-modified: Fri, 22 Sep 2023 07:01:59 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=90d158ebab32833b
content-length: 949
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 11:47:37 GMT

GET
H2 200 db-logo.svg
assets.static-bahn.de/dam/jcr:47b6ca20-95d9-4102-bc5a-6ebb5634f009/ 828 B
2 KB 79ms
18ms Image
image/svg+xml 2a02:26f0:480:23::1726:6283
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/dam/jcr:47b6ca20-95d9-4102-bc5a-6ebb5634f009/db-logo.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6283 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

da1617a9a8adfeacee06c6271bcc53eb9017109ad3e1125488d676190dc5affe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; connect-src 'self' https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.secure.force.com; frame-ancestors 'self'; style-src 'self' https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; connect-src 'self' https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.secure.force.com; frame-ancestors 'self'; style-src 'self' https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de;
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:37 GMT
content-encoding: gzip
content-disposition: attachment; filename="db-logo.svg"
server-timing: intid;desc=e30526b8a8549c39
content-length: 480
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Mar 2022 14:18:43 GMT
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: https://www.bahn.de
cache-control: public, max-age=2592000
expires: Wed, 27 Dec 2023 11:47:37 GMT

GET
H2 200 app.e7af92a5.js Show response
www.bahn.de/web/assets/ 256 KB
52 KB 106ms
105ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/app.e7af92a5.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

cd306dd5bc9e3adaa81f472d678ac3116b3a7655889f577b4810cdcdedf05733

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/buchung/fahrplan/suche
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:37 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=6682ab4b1a9f0b17, intid;desc=6682ab4b1a9f0b17
content-length: 52605
x-xss-protection: 1; mode=block

GET
H2 200 common.b4b05bd9.js Show response
www.bahn.de/web/assets/ 141 KB
54 KB 107ms
107ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/common.b4b05bd9.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

a5c3182d9aff15a8471d6884f019c45e971ebfe9934a1750cc82a8bc39c96701

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/buchung/fahrplan/suche
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:37 GMT
last-modified: Tue, 07 Nov 2023 14:28:12 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=cd60e531838cb95b, intid;desc=cd60e531838cb95b
content-length: 54425
x-xss-protection: 1; mode=block

GET
H2 200 common.97c9e711.js Show response
www.bahn.de/web/assets/ 592 KB
177 KB 109ms
109ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/common.97c9e711.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

29f714462d768657d5edf11794b0884e85b4fd77a5bb2ddae9848c1e8804005f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/buchung/fahrplan/suche
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:37 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=d8689b6788ed25ac, intid;desc=d8689b6788ed25ac
content-length: 180326
x-xss-protection: 1; mode=block

GET
H2 200 style.f53ac737.css
www.bahn.de/web/assets/ 676 KB
115 KB 115ms
115ms Stylesheet
text/css 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/style.f53ac737.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

450d0b7419dd3e77f8c0c2eec121515c251a1994e8ee926fee92893c1d72f240

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/buchung/fahrplan/suche
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:47:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=182cf36a15e6ac61, intid;desc=182cf36a15e6ac61
content-length: 117218
x-xss-protection: 1; mode=block

GET
H2 200 footer-image-bar.5872887289bf1e67ceb8.css
www.bahn.de/.resources/bahn-common-light/webresources/css/ 2 KB
3 KB 37ms
37ms Stylesheet
text/css 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/css/footer-image-bar.5872887289bf1e67ceb8.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

eaa6397295435a5c32ba615dcaa627149c1a5beccf7220e06349726093c951f5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/buchung/fahrplan/suche
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:37 GMT
last-modified: Fri, 22 Sep 2023 07:01:59 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=75393cd9da595d3f
content-length: 456
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 11:47:37 GMT

GET
H2 200 Creditcard_32.svg
assets.static-bahn.de/dam/jcr:8fcf78a6-ff6b-4c3f-8e22-fd7edca45ed3/ 1 KB
3 KB 16ms
14ms Image
image/svg+xml 2a02:26f0:480:23::1726:6283
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/dam/jcr:8fcf78a6-ff6b-4c3f-8e22-fd7edca45ed3/Creditcard_32.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6283 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

00521230e8053624727f59a5e5bfebb162b1e43a102925c1b97661d2d5ead7b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:37 GMT
content-encoding: gzip
content-disposition: attachment; filename="Creditcard_32.svg"
server-timing: intid;desc=cfaeb0a1636e871f
content-length: 627
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Feb 2023 10:50:04 GMT
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: https://www.bahn.de
cache-control: public, max-age=2592000
expires: Wed, 27 Dec 2023 11:47:37 GMT

GET
H2 200 paypal.svg
assets.static-bahn.de/dam/jcr:41560da4-1f88-47f5-be6a-6a8db627f24f/ 11 KB
7 KB 17ms
15ms Image
image/svg+xml 2a02:26f0:480:23::1726:6283
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/dam/jcr:41560da4-1f88-47f5-be6a-6a8db627f24f/paypal.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6283 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e349f08ef2bbd0b0cbf65b912d0d1a9a6409253b7ab8e979473e0c3ce5deea07

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:37 GMT
content-encoding: gzip
content-disposition: attachment; filename="paypal.svg"
server-timing: intid;desc=40e789b173033fdd
content-length: 4621
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Feb 2023 10:49:07 GMT
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: https://www.bahn.de
cache-control: public, max-age=2592000
expires: Wed, 27 Dec 2023 11:47:37 GMT

GET
H2 200 sepa-logo-icon.svg
assets.static-bahn.de/dam/jcr:b999fc06-d39b-41f0-b107-9c53129c173d/ 1 KB
3 KB 18ms
15ms Image
image/svg+xml 2a02:26f0:480:23::1726:6283
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.static-bahn.de/dam/jcr:b999fc06-d39b-41f0-b107-9c53129c173d/sepa-logo-icon.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:23::1726:6283 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c545a5aa779cc7b3fc5906069b3885f4279234891a9de0cfbd677a6cbd3a5d76

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:37 GMT
content-encoding: gzip
content-disposition: attachment; filename="sepa-logo-icon.svg"
server-timing: intid;desc=21dbf80221381c0d
content-length: 705
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Feb 2023 10:52:39 GMT
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: https://www.bahn.de
cache-control: public, max-age=2592000
expires: Wed, 27 Dec 2023 11:47:37 GMT

GET
H2 200 scripts.35ef011587063c8a0c9e.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 2 MB
435 KB 19ms
16ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts.35ef011587063c8a0c9e.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3a7027ad69c8f11c1b36990c25823a14382524bf2b61b9ca4fad2afdda5cd40

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/buchung/fahrplan/suche
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:37 GMT
last-modified: Tue, 14 Nov 2023 18:59:46 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=74d487640a12232f
content-length: 442744
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 11:47:37 GMT

GET
H2 200 fSuggest_v1512-cms.min.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/assets/js/ 25 KB
8 KB 19ms
16ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/assets/js/fSuggest_v1512-cms.min.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

d94894332082135766996807fe098b2f2a37b74f2f09bbc218578d9ff9981a53

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/buchung/fahrplan/suche
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:37 GMT
last-modified: Fri, 22 Sep 2023 07:01:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=25b8fbda063f6ced
content-length: 5903
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 11:47:37 GMT

GET
H2 200 fSuggest_toptreffer.min.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/assets/js/ 39 KB
10 KB 25ms
22ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/assets/js/fSuggest_toptreffer.min.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

4c9951d2e91bf613d354f4d2f20d69df0ae3bcfffcef1b5abded73f584a10730

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/buchung/fahrplan/suche
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:37 GMT
last-modified: Fri, 22 Sep 2023 07:01:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=f6742d2477aa6ded
content-length: 7674
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 11:47:37 GMT

GET
DATA 200
OK truncated
/ 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbd5a134190030a84e4648653bace9063f9de7c02c7d0a87d93bc37bfa087018

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 428 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8e2e1a340e5f7ec9d39d04a6192fa216bf444f848e45753e3b7f9ee44f2ce59

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 35 KB
35 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6565f827b8c4678937e4e26f98779af77304e1d87f3e81ebbafcc51b34cf7f9c

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 45 KB
45 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e04ee1aeda1980025084d1393df4f306c133bea1e4efb09747cbd73ec9af537

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 47 KB
47 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac850d458b1443353c2e4acf1dfbcc8ef559a4c3a54477156f89dba9d8ff5f09

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET
H2 200 utag.js Show response
cms.static-bahn.de/tms/next-main/ 232 KB
63 KB 67ms
8ms Script
application/javascript 2600:9000:214f:2400:c:198:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.static-bahn.de/tms/next-main/utag.js
Requested by: Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2400:c:198:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5ef7e5610124d9d2b70dd34e64fbf4f56ce0a0959d32bfc6bccddd329afdf06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: eu9jrlWK8fHBg9RgqwgMpavwlH60Fdx7
content-encoding: gzip
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
date: Sun, 26 Nov 2023 14:14:11 GMT
last-modified: Fri, 24 Nov 2023 07:25:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 77610
x-amz-server-side-encryption: AES256
etag: W/"a18f55cf02a2850570b16356e7d06980"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: fPfzwxRxtMIdUjiBpyMeFDTuqpDIIw9c6nK0qpuMZsSNLiw_u6GSDQ==

GET
H2 200 desktop Show response
www.bahn.de/.rest/navigation/ 7 KB
4 KB 18ms
17ms XHR
application/json 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.rest/navigation/desktop?root=a5a66ce9-1eaa-41d7-87d4-1c9e52ea2bb1&loc=VENDO&language=de&productSite=true&linkPrefix=

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts.35ef011587063c8a0c9e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

ce9910b7175f7ff54e0b70fb106e3fbd5f8c86b91ab3720a28dcdd677a5e1d78

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' p11.techlab-cdn.com; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com p11.techlab-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com p11.techlab-cdn.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/buchung/fahrplan/suche
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'self' p11.techlab-cdn.com; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com p11.techlab-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com p11.techlab-cdn.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:37 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
cache-control: public, max-age=295
server-timing: intid;desc=8697fdbcd49af029, intid;desc=8697fdbcd49af029
content-length: 1518
x-xss-protection: 1; mode=block
expires: Mon, 27 Nov 2023 11:52:32 GMT

GET
H2 200 vendors~faq-search-with-filter~loginButton~vue-disruption-news~vue-navigation-mobile~vue-overlay~vue~2e19f125.d2058d74e1049e2b011c.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 80 KB
30 KB 36ms
36ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/vendors~faq-search-with-filter~loginButton~vue-disruption-news~vue-navigation-mobile~vue-overlay~vue~2e19f125.d2058d74e1049e2b011c.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts.35ef011587063c8a0c9e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

3a542c022fcd8fe7bf9517b7fa9172f6df7864c3223d497c2f911cd3ef13b2d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/buchung/fahrplan/suche
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:37 GMT
last-modified: Tue, 14 Nov 2023 18:59:46 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=6ac918cf89a9dda1
content-length: 28682
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 11:47:37 GMT

GET
H2 200 vue-popup.672cd29fa13cb4ffc991.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 15 KB
7 KB 35ms
35ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/vue-popup.672cd29fa13cb4ffc991.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts.35ef011587063c8a0c9e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

9db0261d570144e2b54bf14b243cecd977f7562ee2ccfa4380f81cc7e3ab5acc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/buchung/fahrplan/suche
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:37 GMT
last-modified: Tue, 14 Nov 2023 18:59:46 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=490c9aae8d9d5933
content-length: 5384
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 11:47:37 GMT

GET
H2 200 content-teaser-dropdown.021f61acbe9632f0935b.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 3 KB
3 KB 37ms
37ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/content-teaser-dropdown.021f61acbe9632f0935b.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts.35ef011587063c8a0c9e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

83b7fa88145b21aa784a562234a0552bcd275e6a4339c1eb6c73f03b10823a63

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/buchung/fahrplan/suche
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:37 GMT
last-modified: Tue, 14 Nov 2023 18:59:46 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=e5c33c7f54f3b535
content-length: 1157
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 11:47:37 GMT

GET
H2 200 loginButton.05cbeb5b5b401739698d.js Show response
www.bahn.de/.resources/bahn-common-light/webresources/js/ 37 KB
10 KB 38ms
38ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/js/loginButton.05cbeb5b5b401739698d.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts.35ef011587063c8a0c9e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

d822b97f8e936a43c38624a33c9df6ba7a418cacc3aa67ffa6ddcc119d4aad81

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/buchung/fahrplan/suche
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:37 GMT
last-modified: Tue, 14 Nov 2023 18:59:46 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
x-frame-options: sameorigin, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: public, max-age=31536000
server-timing: intid;desc=280ba616a81038b5
content-length: 8276
x-xss-protection: 1; mode=block
expires: Tue, 26 Nov 2024 11:47:37 GMT

GET
H/1.1 200
OK openid-configuration Show response
accounts.bahn.de/auth/realms/db/.well-known/ 8 KB
10 KB 95ms
24ms Fetch
application/json 81.200.195.195
BAHN-AS-BLN

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.bahn.de/auth/realms/db/.well-known/openid-configuration

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/auth.c30e9b639e42765d29c2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.200.195.195 Frankfurt am Main, Germany, ASN34156 (BAHN-AS-BLN, DE),

Reverse DNS

Software

Resource Hash

640c44164fde240005362c50120b593d37182855ebd763182d8d6009879df5eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://*.hcaptcha.com
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.bahn.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 11:47:37 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: ALLOW-FROM https://*.hcaptcha.com
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.bahn.de
Cache-Control: max-age=86400, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
server-timing: intid;desc=840bb05ec19674da, intid;desc=840bb05ec19674da
Content-Length: 8417
X-XSS-Protection: 1; mode=block

GET
H2 200 index.html Show response
www.bahn.de/.resources/bahn-common/webresources/storage/ Frame 4176 2 KB
1 KB 16ms
16ms Document
text/html 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common/webresources/storage/index.html

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/scripts.35ef011587063c8a0c9e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

197be260b9d7d1e294764119d0d174c910b9bf0d15a18ffb9db1df2680b975f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' https:; img-src 'self' data:; object-src 'none';
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/buchung/fahrplan/suche
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=300
content-encoding: gzip
content-length: 762
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' https:; img-src 'self' data:; object-src 'none';
content-type: text/html;charset=UTF-8
date: Mon, 27 Nov 2023 11:47:37 GMT
expires: Mon, 27 Nov 2023 11:52:37 GMT
last-modified: Mon, 06 Nov 2023 09:02:26 GMT
server-timing: intid;desc=de2e7da3aec87433
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 consent-layer-loader.js Show response
cms.static-bahn.de/cms/consent-layer/js/ 6 KB
3 KB 8ms
7ms Script
application/javascript 2600:9000:214f:2400:c:198:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.static-bahn.de/cms/consent-layer/js/consent-layer-loader.js
Requested by: Host: www.bahn.de
URL: https://www.bahn.de/buchung/fahrplan/suche
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2400:c:198:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6b178254f6e162400bdecaf0779fc7374f790fed9347442047facf63d926a26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: D7hfLjFJkXx7zU.jQ1GSXmapfT1iTLg_
content-encoding: gzip
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
date: Mon, 27 Nov 2023 07:26:09 GMT
last-modified: Thu, 02 Nov 2023 13:38:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 15698
x-amz-server-side-encryption: AES256
etag: W/"d7ea5b88e3ba2b6d5bf77dabf9ea4ec7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: HwK4vFvgiAEORrHv_qmfldCjhU3pJ732_6RsJlNTFcf_k5ZxlLemuQ==

GET
H2 200 consent-layer-standalone.7c59adb64d8e570e3f31.js Show response
cms.static-bahn.de/cms/consent-layer/js/ 177 KB
132 KB 9ms
8ms Script
application/javascript 2600:9000:214f:2400:c:198:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.static-bahn.de/cms/consent-layer/js/consent-layer-standalone.7c59adb64d8e570e3f31.js
Requested by: Host: cms.static-bahn.de
URL: https://cms.static-bahn.de/cms/consent-layer/js/consent-layer-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2400:c:198:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f1c3fd1b87a4d5158d2d27d16b6d91b0d832d603b46629cf122406a9cc1245b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: zImuxl4aqLZTNLPEpiqcGQXeH_U3srkR
content-encoding: gzip
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
date: Mon, 27 Nov 2023 07:26:09 GMT
last-modified: Thu, 02 Nov 2023 13:38:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 15698
x-amz-server-side-encryption: AES256
etag: W/"524bd54fd2b20b47d6a4055e1da7eb35"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Yiyj58UQ-OMleS1BM5Ro1YeLVgcMQ5CmDcHhVOMxyXLtRHWYNbOkBg==

GET
H2 200 consent-layer.06a70804d2884b4efb85.js Show response
cms.static-bahn.de/cms/consent-layer/js/ 23 KB
7 KB 17ms
16ms Script
application/javascript 2600:9000:214f:2400:c:198:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.static-bahn.de/cms/consent-layer/js/consent-layer.06a70804d2884b4efb85.js
Requested by: Host: cms.static-bahn.de
URL: https://cms.static-bahn.de/cms/consent-layer/js/consent-layer-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2400:c:198:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27ef68d60fd0abbd4450c9a09342531bc7c796ad48b0adc55343d4df8960675f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: NVOH49tLy8t1MLtKZd_cSHqgRcAlrAX7
content-encoding: gzip
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
date: Mon, 27 Nov 2023 07:26:04 GMT
last-modified: Thu, 02 Nov 2023 13:38:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 15698
x-amz-server-side-encryption: AES256
etag: W/"2dea45e6e04da6568bd921d18f877833"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: YcLga1-dvo5j2VuH1JR_gWtFOcfe4rJw1QnYAWB7i9EFRRe5ps-l0Q==

GET
H2 200 4.5d02350526a030fd0348.js Show response
cms.static-bahn.de/cms/consent-layer/js/ 12 KB
3 KB 8ms
8ms Script
application/javascript 2600:9000:214f:2400:c:198:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.static-bahn.de/cms/consent-layer/js/4.5d02350526a030fd0348.js
Requested by: Host: cms.static-bahn.de
URL: https://cms.static-bahn.de/cms/consent-layer/js/consent-layer-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2400:c:198:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9562ce5831e0240ebcbaa93d8f37255835cf3a64bfa567781e547a9a71d70c76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 11hbPTWzhbQaU1G8pjmj_L1j6tMk9O.4
content-encoding: gzip
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
date: Mon, 27 Nov 2023 07:26:09 GMT
last-modified: Thu, 02 Nov 2023 13:38:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 15700
x-amz-server-side-encryption: AES256
etag: W/"5e927d631bdab2dda969ce64f1988c23"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: wyqbrpyuuBXlGpVg-lgfNUvrzH2HZIIsdwymx-Hb9_5sjfN7OW_27Q==

GET
DATA 200
OK truncated
/ 208 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ba7319051bb586b77a46b5aa7a664f577f1e95a78be1129f12476deeef241c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 516 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a60a6064ac1724bb0abd0c82cc440ed072cb972ec5262430b5b42c7c859d37d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

auth.v1.html Show response
www.bahn.de/.resources/bahn-common-light/webresources/assets/html/ Frame 518D
Redirect Chain

https://accounts.bahn.de/auth/realms/db/protocol/openid-connect/auth?redirect_uri=https%3A%2F%2Fwww.bahn.de%2F.resources%2Fbahn-common-light%2Fwebresources%2Fassets%2Fhtml%2Fauth.v1.html&client_id=...
https://www.bahn.de/.resources/bahn-common-light/webresources/assets/html/auth.v1.html

0
2 KB

16ms
15ms

Document
text/html

95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/.resources/bahn-common-light/webresources/assets/html/auth.v1.html

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/auth.c30e9b639e42765d29c2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' p11.techlab-cdn.com; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com p11.techlab-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com p11.techlab-cdn.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 20
content-security-policy: default-src 'self' p11.techlab-cdn.com; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://*.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://*.hcaptcha.com https://*.bahn.de https://*.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com p11.techlab-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://*.m-pathy.com https://*.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://*.optimizely.com https://hcaptcha.com https://*.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com p11.techlab-cdn.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://*.hcaptcha.com https://www.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://*.m-pathy.com https://ps.bahn.de https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://*.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://*.m-pathy.com https://hcaptcha.com https://*.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://*.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
content-type: text/html;charset=UTF-8
date: Mon, 27 Nov 2023 11:47:37 GMT
expires: Tue, 26 Nov 2024 11:47:37 GMT
last-modified: Fri, 22 Sep 2023 07:01:04 GMT
server-timing: intid;desc=81908a809e081207
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
Date: Mon, 27 Nov 2023 11:47:37 GMT
Location: https://www.bahn.de/.resources/bahn-common-light/webresources/assets/html/auth.v1.html#error=login_required&state=1goe6z9hZ5
Referrer-Policy: no-referrer
Server-Timing: intid;desc=7819a66fe9dec037
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
server-timing: intid;desc=7819a66fe9dec037

GET
H2 200 user-context-data Show response
www.bahn.de/web/api/kundenkonto/ 90 B
868 B 77ms
77ms Fetch
application/json 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/api/kundenkonto/user-context-data

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/.resources/bahn-common-light/webresources/js/auth.c30e9b639e42765d29c2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

efb6f8479192826d16401c81a6d66e06b75793cf696d4cd917084715316a4df8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: application/json;charset=utf-8
x-correlation-id: 83fda994-5833-47fa-9478-4d363cd66ab0_a12d9912-1eb2-4f1e-8c76-8bb05741be71
Referer: https://www.bahn.de/buchung/fahrplan/suche
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: application/json;charset=utf-8

Response headers

date: Mon, 27 Nov 2023 11:47:37 GMT
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
etag: W/"5a-g3GO6Iib84nBrmVNuRHICMdTzDM"
vary: accept,authorization,cookie
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=60
server-timing: intid;desc=13ba6429846204e0, intid;desc=13ba6429846204e0
content-length: 90
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 424 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41f6cfa39b171ab33269b67f1dc29443b2ec799ea2497e727eadf525173de0e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 id Show response
www.bahn.de/st/ 48 B
737 B 39ms
39ms XHR
application/x-javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/st/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=5FA50A5953FB37E50A4C98BC%40AdobeOrg&mid=18775690264128441142543066600102131172&ts=1701085657782

Requested by

Host: cms.static-bahn.de
URL: https://cms.static-bahn.de/tms/next-main/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

jag /

Resource Hash

9a947927320bf29ce6f712ce520d3fa4a141461112c8c644407d58aefb7be5db

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/buchung/fahrplan/suche
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 27 Nov 2023 11:47:37 GMT
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
server: jag
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: application/x-javascript;charset=utf-8
cache-control: private, no-cache, no-store, no-transform
content-length: 48
x-xss-protection: 1; mode=block
expires: Mon, 27 Nov 2023 11:47:37 GMT

GET
H2 200 frontend-config.json Show response
www.bahn.de/web/ 2 KB
1 KB 17ms
17ms Fetch
application/json 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/frontend-config.json

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

552ccb3f945896e6d60b1a344534b281556c510d191322fb5d61a8e62e536cc9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/buchung/fahrplan/suche
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:47:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: public, max-age=60
server-timing: intid;desc=5648e02edb53d5dd, intid;desc=5648e02edb53d5dd
content-length: 834
x-xss-protection: 1; mode=block

GET
H2 200 stammdaten Show response
www.bahn.de/web/api/kundenkonto/ 57 B
690 B 51ms
50ms XHR
application/json 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/api/kundenkonto/stammdaten?typ=anrede

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

70074d8ac8ccdc7215df39c8214462358c5d4c2792c0e9392a15936df938c54a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
x-correlation-id: 83fda994-5833-47fa-9478-4d363cd66ab0_a12d9912-1eb2-4f1e-8c76-8bb05741be71
Referer: https://www.bahn.de/buchung/fahrplan/suche
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:47:37 GMT
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
etag: W/"39-9Nah9k50k/Kt/nHb654ag7xw7mg"
vary: accept-language
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600, stale-while-revalidate=43200, stale-if-error=86400
server-timing: intid;desc=f3bb757526b2ab0e, intid;desc=f3bb757526b2ab0e
content-length: 57
x-xss-protection: 1; mode=block

GET
H2 200 stammdaten Show response
www.bahn.de/web/api/kundenkonto/ 159 B
793 B 63ms
62ms XHR
application/json 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/api/kundenkonto/stammdaten?typ=titel

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

2b4a1c582d29ea291030c4e91f42af2d02bca9af088e02b9342ede8fa33d9ee9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
x-correlation-id: 83fda994-5833-47fa-9478-4d363cd66ab0_a12d9912-1eb2-4f1e-8c76-8bb05741be71
Referer: https://www.bahn.de/buchung/fahrplan/suche
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:47:37 GMT
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
etag: W/"9f-a+fDIUQ3F1jDF5AbWWnNJ2dFU5U"
vary: accept-language
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600, stale-while-revalidate=43200, stale-if-error=86400
server-timing: intid;desc=ec2ceefecd6e1ae8, intid;desc=ec2ceefecd6e1ae8
content-length: 159
x-xss-protection: 1; mode=block

GET
H2 200 stammdaten Show response
www.bahn.de/web/api/kundenkonto/ 9 KB
10 KB 55ms
55ms XHR
application/json 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/api/kundenkonto/stammdaten?typ=land

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

0596aabb5219b7cb11cfc50ba512faafc377c9e2713b95874087330706945962

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
x-correlation-id: 83fda994-5833-47fa-9478-4d363cd66ab0_a12d9912-1eb2-4f1e-8c76-8bb05741be71
Referer: https://www.bahn.de/buchung/fahrplan/suche
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:47:37 GMT
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
etag: W/"23ff-AI1Sa/rxs8T34wu+57ztDAK0o7Q"
vary: accept-language
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600, stale-while-revalidate=43200, stale-if-error=86400
server-timing: intid;desc=978f79f65eef60cd, intid;desc=978f79f65eef60cd
content-length: 9215
x-xss-protection: 1; mode=block

GET
H2 200 reisendentypen Show response
www.bahn.de/web/api/angebote/stammdaten/ 2 KB
3 KB 59ms
59ms XHR
application/json 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/api/angebote/stammdaten/reisendentypen

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

3b13343e9bfd74be61a21ab4f295455bf303548e298ed48cebdce70db8c64a67

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
x-correlation-id: 83fda994-5833-47fa-9478-4d363cd66ab0_a12d9912-1eb2-4f1e-8c76-8bb05741be71
Referer: https://www.bahn.de/buchung/fahrplan/suche
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:47:37 GMT
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
etag: W/"92b-5PZi771pKnQ3maWxl99njdSH+SM"
vary: accept-language
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600, stale-while-revalidate=43200, stale-if-error=86400
server-timing: intid;desc=6a3f761ca2d9d9c2, intid;desc=6a3f761ca2d9d9c2
content-length: 2347
x-xss-protection: 1; mode=block

GET
H2 200 reisendentypen Show response
www.bahn.de/web/api/angebote/stammdaten/ 3 KB
4 KB 70ms
70ms XHR
application/json 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/api/angebote/stammdaten/reisendentypen?internal=true

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

6a308277f8e36e73b73097416a03107fcb9d8584142088be643c4ed730e68bc5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
x-correlation-id: 83fda994-5833-47fa-9478-4d363cd66ab0_a12d9912-1eb2-4f1e-8c76-8bb05741be71
Referer: https://www.bahn.de/buchung/fahrplan/suche
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:47:37 GMT
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
etag: W/"dd7-g3qUcCgd8PtrwcwrW52DGgTF0is"
vary: accept-language
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600, stale-while-revalidate=43200, stale-if-error=86400
server-timing: intid;desc=e148a65dbea4504b, intid;desc=e148a65dbea4504b
content-length: 3543
x-xss-protection: 1; mode=block

GET
H2 200 ermaessigungsarten Show response
www.bahn.de/web/api/angebote/stammdaten/ 2 KB
2 KB 60ms
60ms XHR
application/json 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/api/angebote/stammdaten/ermaessigungsarten

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

dcc874713fcf9a5130c5cea6aeb46cb9f44795daccea8756d32a53cae2ee28e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
x-correlation-id: 83fda994-5833-47fa-9478-4d363cd66ab0_a12d9912-1eb2-4f1e-8c76-8bb05741be71
Referer: https://www.bahn.de/buchung/fahrplan/suche
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 11:47:37 GMT
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
etag: W/"6ba-0BqI/yyUXatiIOafvXhpAQgxQHs"
vary: accept-language
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600, stale-while-revalidate=43200, stale-if-error=86400
server-timing: intid;desc=c1087747769e8a7f, intid;desc=c1087747769e8a7f
content-length: 1722
x-xss-protection: 1; mode=block

GET
H2 200 FahrplanbasierteBuchungsstrecke.ee0b3598.js Show response
www.bahn.de/web/assets/ 6 KB
3 KB 19ms
17ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/FahrplanbasierteBuchungsstrecke.ee0b3598.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

ccd9b919f3c143d65a90975d667564d17998df5aedb3b6e99aeb2eb8fa226b93

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=012f0d74a892d866, intid;desc=012f0d74a892d866
content-length: 2553
x-xss-protection: 1; mode=block

GET
H2 200 composables.91beea57.js Show response
www.bahn.de/web/assets/ 517 B
729 B 20ms
18ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/composables.91beea57.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

a609359bcf6cd1e8a3bb69e0900519caaf4170a6c0c2420da24af2e3ae26b9d6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 07 Nov 2023 14:28:12 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=9a615f35b5c291f4, intid;desc=9a615f35b5c291f4
content-length: 341
x-xss-protection: 1; mode=block

GET
H2 200 AppHeader.7529f9a1.js Show response
www.bahn.de/web/assets/ 32 KB
11 KB 21ms
18ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/AppHeader.7529f9a1.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

a69df7da3da63d9252601211a7bd6a90422d86bf0e38b59ee30d68913ee38ecd

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=fd8560a933bbcac8, intid;desc=fd8560a933bbcac8
content-length: 10677
x-xss-protection: 1; mode=block

GET
H2 200 useUserContextService.bd04fb02.js Show response
www.bahn.de/web/assets/ 298 B
620 B 21ms
19ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/useUserContextService.bd04fb02.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

b0b830ecfcd5dcc352dcbcb4461bbcaa9da40f5336c358a5f71536d456b02d7f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=02d6c5e576cd8732, intid;desc=02d6c5e576cd8732
content-length: 234
x-xss-protection: 1; mode=block

GET
H2 200 CmsHtmlManipulationService.e45dfb58.js Show response
www.bahn.de/web/assets/ 606 B
682 B 30ms
28ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/CmsHtmlManipulationService.e45dfb58.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

f549a47fb1eee8143875a3c6f0829ffcbf85a30326b0ba5cb4afd8941bd403a9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 07 Nov 2023 14:28:12 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=b251203f07b1fb4a, intid;desc=b251203f07b1fb4a
content-length: 296
x-xss-protection: 1; mode=block

GET
H2 200 useStore.7dd63077.js Show response
www.bahn.de/web/assets/ 202 B
569 B 22ms
20ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/useStore.7dd63077.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

13f73943269568906c76699bda3946851599dd19381d496b4cf222cddff8c8ea

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=7be8c3a965e3c905, intid;desc=7be8c3a965e3c905
content-length: 183
x-xss-protection: 1; mode=block

GET
H2 200 useStore.84780110.js Show response
www.bahn.de/web/assets/ 339 B
645 B 23ms
21ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/useStore.84780110.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

b92f762eb77ef043e523d27fc3bd6a61423663d877c5129f3e65145c37176bbc

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=21aff7c548b7c9ef, intid;desc=21aff7c548b7c9ef
content-length: 260
x-xss-protection: 1; mode=block

GET
H2 200 DBWebHeader.377742e2.js Show response
www.bahn.de/web/assets/ 7 KB
3 KB 30ms
29ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebHeader.377742e2.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

fd5e7205a389805ea4a47728c689b136ab600045b37fca2072075e2c731997d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=a100902af1b53f01, intid;desc=a100902af1b53f01
content-length: 2917
x-xss-protection: 1; mode=block

GET
H2 200 NameFormatter.486d2cbc.js Show response
www.bahn.de/web/assets/ 654 B
798 B 31ms
29ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/NameFormatter.486d2cbc.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

5a3d0f0be66fc07422e90dfe626f47b751dff515a0d0d119f01a3688ac44b62a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=b535910c8b878780, intid;desc=b535910c8b878780
content-length: 411
x-xss-protection: 1; mode=block

GET
H2 200 dateFormat.dc9efa83.js Show response
www.bahn.de/web/assets/ 473 B
675 B 32ms
30ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/dateFormat.dc9efa83.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

6eac3691cf1b74983b5c8fe34c4c30d32683011805392da5c118c82859275a38

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=7acf98ce7dd72b13, intid;desc=7acf98ce7dd72b13
content-length: 290
x-xss-protection: 1; mode=block

GET
H2 200 StartZiel.d6e962b5.js Show response
www.bahn.de/web/assets/ 2 KB
1 KB 32ms
31ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/StartZiel.d6e962b5.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

c4896e9354bdf9844b3035bca86f20a54229afad29d396db147cbe678a66b15e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=b50920f78206f7a2, intid;desc=b50920f78206f7a2
content-length: 926
x-xss-protection: 1; mode=block

GET
H2 200 DateFormatter.853dd502.js Show response
www.bahn.de/web/assets/ 290 B
620 B 33ms
31ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DateFormatter.853dd502.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

4c414616660c07e2ee9312c9da0f75f89e529b5a9758ec1a247e39a47d9ccbfd

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=4bd28ccced6e0aae, intid;desc=4bd28ccced6e0aae
content-length: 234
x-xss-protection: 1; mode=block

GET
H2 200 useDBWebDialog.c0693d49.js Show response
www.bahn.de/web/assets/ 351 B
651 B 33ms
32ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/useDBWebDialog.c0693d49.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

4ded44f0fdcd69985d21221928d490fe5d9d7f983e952de5219937f1e7a6fdf1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=fb82d5fd28e0e1e4, intid;desc=fb82d5fd28e0e1e4
content-length: 265
x-xss-protection: 1; mode=block

GET
H2 200 icePortalClickEvent.abc14102.js Show response
www.bahn.de/web/assets/ 324 B
654 B 34ms
32ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/icePortalClickEvent.abc14102.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

7c89d49a07ce79456ab62663984b53393320484c1ddc7c5be11c455fdcc84a9b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=2f7112b7cf43bca8, intid;desc=2f7112b7cf43bca8
content-length: 268
x-xss-protection: 1; mode=block

GET
H2 200 ICEPortal.992879af.js Show response
www.bahn.de/web/assets/ 217 B
556 B 34ms
33ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/ICEPortal.992879af.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

8219711a6e026ca567b0b5c810229105826a4f628d96338e3fb958dcc5893153

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 07 Nov 2023 14:28:12 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=07959166be6c4331, intid;desc=07959166be6c4331
content-length: 168
x-xss-protection: 1; mode=block

GET
H2 200 useUserContext.7c045d1b.js Show response
www.bahn.de/web/assets/ 476 B
679 B 35ms
34ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/useUserContext.7c045d1b.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

1345e1d3a48894f53b8907e4f4b5befd44337bd8a646a6cfab203609020698cc

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=b467d8e64d87bbd5, intid;desc=b467d8e64d87bbd5
content-length: 292
x-xss-protection: 1; mode=block

GET
H2 200 DBWebWizard.1f981e5c.js Show response
www.bahn.de/web/assets/ 1 KB
1 KB 35ms
34ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebWizard.1f981e5c.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

f7edc24269b1241d62c812ed6313ac7895ca8c37ca88f484a41858407c9263a0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=7ee096e1f939f39e, intid;desc=7ee096e1f939f39e
content-length: 762
x-xss-protection: 1; mode=block

GET
H2 200 LoadingPage.ae0ae0f0.js Show response
www.bahn.de/web/assets/ 2 KB
1 KB 36ms
35ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/LoadingPage.ae0ae0f0.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

09fa4305e42884edf43d7d5a6cd742859c557c2d3dfbb4d11c62446cae71fbc9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=8ca1eebc8161e591, intid;desc=8ca1eebc8161e591
content-length: 1036
x-xss-protection: 1; mode=block

GET
H2 200 LoadingIndicator.07320c8f.js Show response
www.bahn.de/web/assets/ 2 KB
1 KB 36ms
35ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/LoadingIndicator.07320c8f.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

b4885ef8fdb6b3cd92bf75d2e2892ca8ab5643fd16645768229afae9286ddf49

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=3f07532233b57fa0, intid;desc=3f07532233b57fa0
content-length: 849
x-xss-protection: 1; mode=block

GET
H2 200 ReiseloesungListPage.86d2f0be.js Show response
www.bahn.de/web/assets/ 90 KB
25 KB 30ms
27ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/ReiseloesungListPage.86d2f0be.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

963282dd296f31c44a75dbef7cdc980ecb15b05a17360359a095e65fef8e747f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=31ca79b79f6fc566, intid;desc=31ca79b79f6fc566
content-length: 25525
x-xss-protection: 1; mode=block

GET
H2 200 Reiseplan.a86f7cb3.js Show response
www.bahn.de/web/assets/ 94 KB
24 KB 30ms
28ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/Reiseplan.a86f7cb3.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

38b326e885de85bfb70e72ecb3a5ba6f5fd2b87e61a3d0cb95a073be3b3016f9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=573f0d603f367260, intid;desc=573f0d603f367260
content-length: 24196
x-xss-protection: 1; mode=block

GET
H2 200 DBWebTransitionDropdown.0f39dcef.js Show response
www.bahn.de/web/assets/ 1 KB
887 B 31ms
29ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebTransitionDropdown.0f39dcef.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

4b8c64fb6b3fc278d7d0fd6b823ee1446c1c39728d037183cc73ea602a24833a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=5317e43fda97cf3f, intid;desc=5317e43fda97cf3f
content-length: 500
x-xss-protection: 1; mode=block

GET
H2 200 DBWebModalContainer.4c1286d4.js Show response
www.bahn.de/web/assets/ 3 KB
2 KB 32ms
30ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebModalContainer.4c1286d4.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

efa8b08192daa3f7e2415c8e09f84599d0c01cc4c0be1c0e37209abac38fa582

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=dcd9134d2474f652, intid;desc=dcd9134d2474f652
content-length: 1471
x-xss-protection: 1; mode=block

GET
H2 200 chunk-4RP2N3TY.4866debc.js Show response
www.bahn.de/web/assets/ 600 B
747 B 33ms
31ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/chunk-4RP2N3TY.4866debc.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

f40ba29f5f1dea8c9f9480a3e6d344ca90b3b3226b9509115e5898feefd6230b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=959e6e11f5124f8e, intid;desc=959e6e11f5124f8e
content-length: 361
x-xss-protection: 1; mode=block

GET
H2 200 chunk-MEAK3HJF.6c32a200.js Show response
www.bahn.de/web/assets/ 151 B
538 B 34ms
32ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/chunk-MEAK3HJF.6c32a200.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

aad41f4a1d38af1c73782a592b949530142afeef4eb29d08dbe193a9149f01c8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 07 Nov 2023 14:28:12 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=b78443ce286d21bf, intid;desc=b78443ce286d21bf
content-length: 151
x-xss-protection: 1; mode=block

GET
H2 200 chunk-E4JSIWSX.f0a978b5.js Show response
www.bahn.de/web/assets/ 120 B
499 B 34ms
33ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/chunk-E4JSIWSX.f0a978b5.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

ccc59f70c381eacd004feb05d22610a9dd2c64901a78ff5be124eaa2d6fa8fd5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Thu, 09 Nov 2023 07:55:13 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=99efa6527ec81c35, intid;desc=99efa6527ec81c35
content-length: 113
x-xss-protection: 1; mode=block

GET
H2 200 VerbindungsUtils.628696a4.js Show response
www.bahn.de/web/assets/ 3 KB
1 KB 57ms
54ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/VerbindungsUtils.628696a4.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

bde4df2738e2a15708b61d33962d5ec17db5b88ee794381dacd6f912fa46d3a1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=bf3fe65f790e36f0, intid;desc=bf3fe65f790e36f0
content-length: 932
x-xss-protection: 1; mode=block

GET
H2 200 chunk-XYWE3BZH.5fd67015.js Show response
www.bahn.de/web/assets/ 196 B
567 B 58ms
55ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/chunk-XYWE3BZH.5fd67015.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

ce2f409b0939ac7139ac85f892113c919d2820f589e0eca7aaab6379b8b06ddb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=239bf9c9e06f95fb, intid;desc=239bf9c9e06f95fb
content-length: 179
x-xss-protection: 1; mode=block

GET
H2 200 index.caa5ede2.js Show response
www.bahn.de/web/assets/ 311 B
637 B 59ms
56ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/index.caa5ede2.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

a59877d62361a79e3c61e969b9857adf21833a58723cc063024bfec92f3e4b44

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=6bd54b4ca18be4ba, intid;desc=6bd54b4ca18be4ba
content-length: 250
x-xss-protection: 1; mode=block

GET
H2 200 index.cbed5164.js Show response
www.bahn.de/web/assets/ 439 B
695 B 59ms
57ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/index.cbed5164.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

ffdbaa1252e69de9c0e8aad08c6410fe72a43360a442e31cc42e94038fd0677e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=d14da54409f5e9a9, intid;desc=d14da54409f5e9a9
content-length: 307
x-xss-protection: 1; mode=block

GET
H2 200 chunk-EVWWWYYN.e0a4e0b4.js Show response
www.bahn.de/web/assets/ 245 B
563 B 60ms
58ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/chunk-EVWWWYYN.e0a4e0b4.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

ab44186bf3e4edb65aea6a6585721f2177951c4bb8f82c192bfd4d646aa533f0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Thu, 09 Nov 2023 07:55:13 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=4f4acfebaa4efdf3, intid;desc=4f4acfebaa4efdf3
content-length: 176
x-xss-protection: 1; mode=block

GET
H2 200 ReisekettenService.89405f2f.js Show response
www.bahn.de/web/assets/ 2 KB
1 KB 60ms
58ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/ReisekettenService.89405f2f.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

111e420f042f652f2aa47b9bd095119b0db15eb5b7e2609bd076e1d49c6385c6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=8da91e2dcaa044f9, intid;desc=8da91e2dcaa044f9
content-length: 770
x-xss-protection: 1; mode=block

GET
H2 200 DBWebSwitch.4aca4fda.js Show response
www.bahn.de/web/assets/ 6 KB
3 KB 61ms
59ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebSwitch.4aca4fda.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

12ba61e74e3e4cfa2b5ddf741cc1745a0596a63a772d41a4af8cd6d8c285f9f0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=c6aba6169880c073, intid;desc=c6aba6169880c073
content-length: 2197
x-xss-protection: 1; mode=block

GET
H2 200 DBWebTooltip.d6604f2c.js Show response
www.bahn.de/web/assets/ 1 KB
1 KB 61ms
60ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebTooltip.d6604f2c.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

8a66a8160eb49e544aa1fc5e33c164c6287a047cdf2b2ba0e75630daf72a8a47

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=2aed1e8688bed046, intid;desc=2aed1e8688bed046
content-length: 676
x-xss-protection: 1; mode=block

GET
H2 200 DBWebIconWithLabel.4ef99f88.js Show response
www.bahn.de/web/assets/ 22 KB
9 KB 93ms
92ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebIconWithLabel.4ef99f88.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

8dbbef7c02af0606677aaba5dd6dd942a1dffef7c2a29247ed54d37602324206

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=ddbe7182cc7c148c, intid;desc=ddbe7182cc7c148c
content-length: 8814
x-xss-protection: 1; mode=block

GET
H2 200 purify.es.6dd2cec3.js Show response
www.bahn.de/web/assets/ 21 KB
9 KB 62ms
59ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/purify.es.6dd2cec3.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

f6abc604ebd6b5988e4dd9f7a049a50de9deacbe808dfccac6d7d6c69892cc85

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 07 Nov 2023 14:28:12 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=1f6a45b6d3349338, intid;desc=1f6a45b6d3349338
content-length: 8375
x-xss-protection: 1; mode=block

GET
H2 200 ProduktGattungIcon.4d591573.js Show response
www.bahn.de/web/assets/ 17 KB
6 KB 62ms
60ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/ProduktGattungIcon.4d591573.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

b2fa8040b86c516fb60b2502fa496dfb6728e677b2b8d38b1c2bb16333aa3f3f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=90d0afcc367c2264, intid;desc=90d0afcc367c2264
content-length: 5261
x-xss-protection: 1; mode=block

GET
H2 200 CssAlignment.e7c381b2.js Show response
www.bahn.de/web/assets/ 155 B
544 B 94ms
92ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/CssAlignment.e7c381b2.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

a72a5fb0f797fe70842d3384945bd6fa5146232ab8f8949757df3c83231e2c1c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 07 Nov 2023 14:28:12 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=ddc5ec0d0cdb789f, intid;desc=ddc5ec0d0cdb789f
content-length: 158
x-xss-protection: 1; mode=block

GET
H2 200 VerbindungsHalt.cb93e585.js Show response
www.bahn.de/web/assets/ 11 KB
3 KB 63ms
61ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/VerbindungsHalt.cb93e585.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

ea2953b5e04e18c17730bf07a2dc6686ceefa09fcf634e2a67ce3b5a5c38d6de

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=e760678c7547c470, intid;desc=e760678c7547c470
content-length: 3097
x-xss-protection: 1; mode=block

GET
H2 200 ZeitAnzeige.d23e13bd.js Show response
www.bahn.de/web/assets/ 2 KB
1 KB 63ms
62ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/ZeitAnzeige.d23e13bd.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

edf7745207202cee75801b0604fb69b993cb323a7f7c67084e3aa9d4aab3fdd9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=44be79154a9d0fc7, intid;desc=44be79154a9d0fc7
content-length: 779
x-xss-protection: 1; mode=block

GET
H2 200 chunk-GOAMF7IW.a1bf0ccb.js Show response
www.bahn.de/web/assets/ 366 B
657 B 94ms
93ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/chunk-GOAMF7IW.a1bf0ccb.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

2a099aa4dde3f0459c0a483a7c3669a541005fec780aca970b8cff7a8a6c5a90

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=2bfc91ca2fa3e9a0, intid;desc=2bfc91ca2fa3e9a0
content-length: 272
x-xss-protection: 1; mode=block

GET
H2 200 PriorisierteMeldung.1fd4fc63.js Show response
www.bahn.de/web/assets/ 2 KB
1 KB 64ms
62ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/PriorisierteMeldung.1fd4fc63.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

ecbd5665d90fad3273c392ac3d9e4bf584a367fb77d770ab27b586d65a9e7001

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=74bc1ec1cfdb83a8, intid;desc=74bc1ec1cfdb83a8
content-length: 836
x-xss-protection: 1; mode=block

GET
H2 200 chunk-M457ICVC.04380c71.js Show response
www.bahn.de/web/assets/ 3 KB
1 KB 95ms
93ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/chunk-M457ICVC.04380c71.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

77af2a0ad30ebbfbdedd14721c33aedcaade729b1b776e634bcff8035ce1eaea

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=5d0a04ec4275c30d, intid;desc=5d0a04ec4275c30d
content-length: 930
x-xss-protection: 1; mode=block

GET
H2 200 duration.filter.94774109.js Show response
www.bahn.de/web/assets/ 1 KB
959 B 64ms
62ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/duration.filter.94774109.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

9b15b59b22b34bdbbc6f6496b1370f27e1e2e92108351d3fd00792f907c9f30f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=aa465dd3260f2991, intid;desc=aa465dd3260f2991
content-length: 573
x-xss-protection: 1; mode=block

GET
H2 200 index.63ef4efa.js Show response
www.bahn.de/web/assets/ 322 B
618 B 95ms
93ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/index.63ef4efa.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

a7c59928f6fe7dcd1b8f4a1ef10b6468ec00fa588786d254a1d8c165c0603f8d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=4198fb0fd1b244f3, intid;desc=4198fb0fd1b244f3
content-length: 231
x-xss-protection: 1; mode=block

GET
H2 200 ZugnummerLabel.2dfa981b.js Show response
www.bahn.de/web/assets/ 1 KB
1 KB 96ms
94ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/ZugnummerLabel.2dfa981b.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

680d40a3a1fce25ba1a159a9e6562de072101a4accca56224fea2814d14d5577

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=8328c26b0df11104, intid;desc=8328c26b0df11104
content-length: 645
x-xss-protection: 1; mode=block

GET
H2 200 DBWebDialogBody.cf8d2df7.js Show response
www.bahn.de/web/assets/ 2 KB
1 KB 96ms
95ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebDialogBody.cf8d2df7.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

6be54627e77c3684134c32c0ac7805e5f918b5fb763a332c7141538ac56b13be

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=c364088e4116307d, intid;desc=c364088e4116307d
content-length: 796
x-xss-protection: 1; mode=block

GET
H2 200 DBWebTransitionScaleOut.8f19e92c.js Show response
www.bahn.de/web/assets/ 1 KB
1 KB 97ms
96ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebTransitionScaleOut.8f19e92c.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

a8b335696632c914980ed29a2bff1b412f9f419bf44f02eefd6c972564846a12

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=1fe84597ef57cd26, intid;desc=1fe84597ef57cd26
content-length: 696
x-xss-protection: 1; mode=block

GET
H2 200 DBWebExpansionToggle.8de1ef4d.js Show response
www.bahn.de/web/assets/ 1 KB
997 B 97ms
96ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebExpansionToggle.8de1ef4d.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

1f7e5b253c8596ea83eb443d82f48501a8a5adeb50714796d09f68cf9a6deb54

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=2fcfa63835baa6c7, intid;desc=2fcfa63835baa6c7
content-length: 612
x-xss-protection: 1; mode=block

GET
H2 200 AuslastungLangText.e33f2cb1.js Show response
www.bahn.de/web/assets/ 8 KB
2 KB 98ms
97ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/AuslastungLangText.e33f2cb1.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

1ecf196b80f91afda84c6e4af44b6c7637708c113874b3a59dc1c30de548469e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=a7f05bb6b13385e5, intid;desc=a7f05bb6b13385e5
content-length: 2092
x-xss-protection: 1; mode=block

GET
H2 200 _defineProperty.8e3833c7.js Show response
www.bahn.de/web/assets/ 155 B
539 B 99ms
97ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/_defineProperty.8e3833c7.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

1dc358539a6e69b332f27b71f073b29265836ea4b38310c792c55ade575ad6b2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=0dd5aa3ea92a1e7e, intid;desc=0dd5aa3ea92a1e7e
content-length: 153
x-xss-protection: 1; mode=block

GET
H2 200 _arrayMap.6bdafb5b.js Show response
www.bahn.de/web/assets/ 213 B
581 B 99ms
98ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/_arrayMap.6bdafb5b.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

757fe485e5e3121166f2a1a2e41c203438fafda4b7bc7b15a168936dd849ef96

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 07 Nov 2023 14:28:12 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=8094e82abc1d9251, intid;desc=8094e82abc1d9251
content-length: 195
x-xss-protection: 1; mode=block

GET
H2 200 chunk-IGEKHNNA.ec7e45f5.js Show response
www.bahn.de/web/assets/ 128 B
503 B 100ms
99ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/chunk-IGEKHNNA.ec7e45f5.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

d74fc704ce0c29d3c6fb0846a4d236de99804ac60bda78c73419f440b1d6eced

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Thu, 09 Nov 2023 07:55:13 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=cb3ceebefb826f72, intid;desc=cb3ceebefb826f72
content-length: 117
x-xss-protection: 1; mode=block

GET
H2 200 AuslastungLegend.09c19f9b.js Show response
www.bahn.de/web/assets/ 2 KB
1 KB 101ms
100ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/AuslastungLegend.09c19f9b.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

547dd953eef952c98ea17e6874941982c8e955e36bfdcc3c5cc0329c91c2a808

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=85ad8f9b2c047d3d, intid;desc=85ad8f9b2c047d3d
content-length: 929
x-xss-protection: 1; mode=block

GET
H2 200 DBWebPageNavigationBar.2cccf56f.js Show response
www.bahn.de/web/assets/ 2 KB
1 KB 101ms
100ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebPageNavigationBar.2cccf56f.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

6837e9c30f1e53290cc2d972f63c2afe8b362e78da0193d8695d26159e00e674

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=377e536bbea367eb, intid;desc=377e536bbea367eb
content-length: 920
x-xss-protection: 1; mode=block

GET
H2 200 Legende.bb30771a.js Show response
www.bahn.de/web/assets/ 3 KB
2 KB 102ms
101ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/Legende.bb30771a.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

545ebd8e887b3462267ad13153a1de45dc44c6579d88291d4533e90b802ba362

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=f1da625b8d95ea77, intid;desc=f1da625b8d95ea77
content-length: 1161
x-xss-protection: 1; mode=block

GET
H2 200 safeHTMLDirective.53d76957.js Show response
www.bahn.de/web/assets/ 407 B
689 B 102ms
102ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/safeHTMLDirective.53d76957.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

5638d3ccb5ea97954b9d681d74804bd4d7b701581c10514da4024c09cc2b27ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 07 Nov 2023 14:28:12 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=96c330b3f9289695, intid;desc=96c330b3f9289695
content-length: 302
x-xss-protection: 1; mode=block

GET
H2 200 Footnote.22d44ec0.js Show response
www.bahn.de/web/assets/ 563 B
764 B 103ms
102ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/Footnote.22d44ec0.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

6c2b001b3b45665759530bee4409cd2e9ecc0396957365e5e002a2f33e7dc239

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=89ad63f5a910b977, intid;desc=89ad63f5a910b977
content-length: 376
x-xss-protection: 1; mode=block

GET
H2 200 QuickFinder.3d29ad73.js Show response
www.bahn.de/web/assets/ 83 KB
22 KB 103ms
103ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/QuickFinder.3d29ad73.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

62fb174a1c4ebcc4ef03294296ba95adb126c1c1798c2858cc3840d43d8ac422

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=54d1ddeb7ead9897, intid;desc=54d1ddeb7ead9897
content-length: 21834
x-xss-protection: 1; mode=block

GET
H2 200 ClickOutsideDirective.7e567ac7.js Show response
www.bahn.de/web/assets/ 753 B
838 B 104ms
104ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/ClickOutsideDirective.7e567ac7.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

65f565612a6f3dcf726ae9c607d93bcbc83701d2e5ec044c091d2ad2373b3417

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 07 Nov 2023 14:28:12 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=2a4088f2f24e8068, intid;desc=2a4088f2f24e8068
content-length: 452
x-xss-protection: 1; mode=block

GET
H2 200 chunk-HSXCYZMJ.c19ca6a2.js Show response
www.bahn.de/web/assets/ 37 KB
7 KB 105ms
104ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/chunk-HSXCYZMJ.c19ca6a2.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

81dc68a2f8c70b95b59783b05962063fde1c2e0fe3849019d21bb55efd895b63

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=64fee72a000dd5c1, intid;desc=64fee72a000dd5c1
content-length: 7234
x-xss-protection: 1; mode=block

GET
H2 200 ReisendeFactory.bf07473b.js Show response
www.bahn.de/web/assets/ 629 B
739 B 105ms
105ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/ReisendeFactory.bf07473b.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

7aad204487ca152fd0cb78c9d883a1be6afa983c1788f7538014af616874d709

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=9c242f590cb7e650, intid;desc=9c242f590cb7e650
content-length: 353
x-xss-protection: 1; mode=block

GET
H2 200 DBWebAccordionGroup.3c939339.js Show response
www.bahn.de/web/assets/ 13 KB
4 KB 106ms
106ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebAccordionGroup.3c939339.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

c4cfc0e8861ffd36172a2f69f3a53a4afb7a632b78f24a1933888aebc316deb4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=07c296a90113d6fe, intid;desc=07c296a90113d6fe
content-length: 4012
x-xss-protection: 1; mode=block

GET
H2 200 AccordionType.0b5ff988.js Show response
www.bahn.de/web/assets/ 105 B
484 B 106ms
106ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/AccordionType.0b5ff988.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

3dda9bc2e37ec03f042f8963a7b18d71962c2e12ef4222602e58a092c78e1548

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 07 Nov 2023 14:28:12 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=e859b6cc5889f986, intid;desc=e859b6cc5889f986
content-length: 97
x-xss-protection: 1; mode=block

GET
H2 200 accordion_default.e316ab0f.js Show response
www.bahn.de/web/assets/ 3 KB
2 KB 107ms
107ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/accordion_default.e316ab0f.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

6506e14536fa1c33275d6ce81de2560e727532f9e2850d7cc02c0da071ae3aa8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 07 Nov 2023 14:28:12 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=c2d205ab73a55307, intid;desc=c2d205ab73a55307
content-length: 1257
x-xss-protection: 1; mode=block

GET
H2 200 ReisendeSummary.af1a0887.js Show response
www.bahn.de/web/assets/ 25 KB
9 KB 108ms
108ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/ReisendeSummary.af1a0887.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

f1ea6f7ad22cdac8227d86e2e08400f1cef93c9058db57c1718572bd40757ec0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=1d6458a8dcaf32cf, intid;desc=1d6458a8dcaf32cf
content-length: 9333
x-xss-protection: 1; mode=block

GET
H2 200 _copyArray.1445ceb4.js Show response
www.bahn.de/web/assets/ 202 B
571 B 108ms
108ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/_copyArray.1445ceb4.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

51c6d54f6b8c4ecf64f39e0c6ac7cfff4548769378fc7608737a810abf052bce

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 07 Nov 2023 14:28:12 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=25efbfa259c2878c, intid;desc=25efbfa259c2878c
content-length: 185
x-xss-protection: 1; mode=block

GET
H2 200 DBWebSelect.c5e496ac.js Show response
www.bahn.de/web/assets/ 8 KB
4 KB 109ms
109ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebSelect.c5e496ac.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

83c91239552f9d34aa7d58e30cbac15133acbab2ce8d7d00b87871edfa106d69

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=998b1be5ee9a19ec, intid;desc=998b1be5ee9a19ec
content-length: 3213
x-xss-protection: 1; mode=block

GET
H2 200 globalValidationErrorClass.b8d51b9e.js Show response
www.bahn.de/web/assets/ 42 B
449 B 109ms
109ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/globalValidationErrorClass.b8d51b9e.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

1d4bc379097e73bd0e8ebb81b310c4289e48d6abe704ffda98bde685266eba16

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 07 Nov 2023 14:28:12 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=fd37477a7d3b20f5, intid;desc=fd37477a7d3b20f5
content-length: 62
x-xss-protection: 1; mode=block

GET
H2 200 DBWebSelectList.4e149e28.js Show response
www.bahn.de/web/assets/ 8 KB
3 KB 136ms
136ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebSelectList.4e149e28.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

27e6925f959c76a69735856bbb465201448b1f93b1504128b25572d9f31fab6c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=2c87d34682404179, intid;desc=2c87d34682404179
content-length: 2554
x-xss-protection: 1; mode=block

GET
H2 200 InputTheme.b684fa05.js Show response
www.bahn.de/web/assets/ 84 B
484 B 137ms
136ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/InputTheme.b684fa05.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b30865c1263054ab95ca1b1df1631d37d3bcfff74ca2620c2bfe6674a74f08

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 07 Nov 2023 14:28:12 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=f1d0f39fc3d697a7, intid;desc=f1d0f39fc3d697a7
content-length: 97
x-xss-protection: 1; mode=block

GET
H2 200 DBWebCheckbox.2961a722.js Show response
www.bahn.de/web/assets/ 2 KB
1 KB 110ms
110ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebCheckbox.2961a722.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

b740573a6985f00d83fe22264ad82569f7914034de3bd0167d7c536bd973e9fd

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=6758dab2d58161aa, intid;desc=6758dab2d58161aa
content-length: 895
x-xss-protection: 1; mode=block

GET
H2 200 ErmaessigungsFormatter.292ebe95.js Show response
www.bahn.de/web/assets/ 3 KB
1 KB 110ms
110ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/ErmaessigungsFormatter.292ebe95.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

a1c7041316581c4f7fd7707079c8095fad5248cea2df8a2c4c888da495931fe0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=31bf9218df819909, intid;desc=31bf9218df819909
content-length: 1080
x-xss-protection: 1; mode=block

GET
H2 200 _baseUniq.04f62223.js Show response
www.bahn.de/web/assets/ 1 KB
1 KB 111ms
111ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/_baseUniq.04f62223.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

6b0e9c7a69c8b8e35ff33e2dc6a023245bd2dbdc5fff009ea0a143000eebe436

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=812db7c76b5ebdb8, intid;desc=812db7c76b5ebdb8
content-length: 734
x-xss-protection: 1; mode=block

GET
H2 200 makeStringNonBreaking.2fb5c349.js Show response
www.bahn.de/web/assets/ 311 B
634 B 137ms
136ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/makeStringNonBreaking.2fb5c349.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

5b4c48613f264e663679a0d37526f4f2738856c34dd2a7d6f644f299527f3fdf

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=7062415299eee1d7, intid;desc=7062415299eee1d7
content-length: 248
x-xss-protection: 1; mode=block

GET
H2 200 es.string.replace-all.57697d84.js Show response
www.bahn.de/web/assets/ 893 B
997 B 111ms
111ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/es.string.replace-all.57697d84.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

35a50147c3a73c41c086702830ee0bd746cd7b0ce0d385299f9152d9a31385e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=6a19f844957a7f01, intid;desc=6a19f844957a7f01
content-length: 609
x-xss-protection: 1; mode=block

GET
H2 200 images.9ec78236.js Show response
www.bahn.de/web/assets/ 780 B
858 B 137ms
137ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/images.9ec78236.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

c3175aad9661803ce60e86d601a455ef7f97578a04fbb3fe02de7a06f8b32825

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=ad01f393651de04c, intid;desc=ad01f393651de04c
content-length: 472
x-xss-protection: 1; mode=block

GET
H2 200 ReisendentypFormatter.f342695f.js Show response
www.bahn.de/web/assets/ 1 KB
1005 B 111ms
111ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/ReisendentypFormatter.f342695f.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

5d68f4ebcbfdc9fff1fea4c9893924d4e7b1422ba455d99cb3c0fb44f25b06c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=e78be5dac700bf3a, intid;desc=e78be5dac700bf3a
content-length: 620
x-xss-protection: 1; mode=block

GET
H2 200 DBWebHaltSearch.3122b766.js Show response
www.bahn.de/web/assets/ 26 KB
8 KB 112ms
112ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebHaltSearch.3122b766.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

54b8368758a5a3f2a27831cb6227098bfdc167f83f38909ce6efddba70d133df

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=7e6f3ff01a02faa7, intid;desc=7e6f3ff01a02faa7
content-length: 8247
x-xss-protection: 1; mode=block

GET
H2 200 ButtonOverlayBodyContainer.1710e139.js Show response
www.bahn.de/web/assets/ 8 KB
3 KB 112ms
112ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/ButtonOverlayBodyContainer.1710e139.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

cedfa471f97c2a2bf4c265748a98734773e7625a7ff7c5f7d9c2e866888f7aec

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=0346c381da621328, intid;desc=0346c381da621328
content-length: 3075
x-xss-protection: 1; mode=block

GET
H2 200 toNumber.3dc26b30.js Show response
www.bahn.de/web/assets/ 747 B
881 B 137ms
137ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/toNumber.3dc26b30.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

be84f4d78b5deaf8f95458b388be0bb784dc1de330ae4b0be42bb7209e5dc154

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=985d15c7be4a7251, intid;desc=985d15c7be4a7251
content-length: 495
x-xss-protection: 1; mode=block

GET
H2 200 isSymbol.494393f7.js Show response
www.bahn.de/web/assets/ 256 B
608 B 113ms
113ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/isSymbol.494393f7.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

314f54dcd84b879f6c246679386fa61f8fbe3a3c6bca86a7f67801758b8e7965

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=26f87a9d76fdd88c, intid;desc=26f87a9d76fdd88c
content-length: 221
x-xss-protection: 1; mode=block

GET
H2 200 OrteService.8fc1c352.js Show response
www.bahn.de/web/assets/ 2 KB
2 KB 137ms
137ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/OrteService.8fc1c352.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

31b2a5dd6d57d0f22b73c634793d47e6779245a2137415b9df4f1651e4f0eab5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=8aaa852eaaf2810e, intid;desc=8aaa852eaaf2810e
content-length: 1170
x-xss-protection: 1; mode=block

GET
H2 200 useZeitauswahl.d76e2213.js Show response
www.bahn.de/web/assets/ 3 KB
2 KB 138ms
138ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/useZeitauswahl.d76e2213.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

152b1a0c0666bd68a1551d28cc8bbd6ee609db84e2b4f50c5f1b0644ad3c07db

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=ddf9f843e4fba56d, intid;desc=ddf9f843e4fba56d
content-length: 1400
x-xss-protection: 1; mode=block

GET
H2 200 DateState.97f8130b.js Show response
www.bahn.de/web/assets/ 3 KB
1 KB 138ms
138ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DateState.97f8130b.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

a68f3cc34f4a6e40fcf8c14780178acb25729d7aec04bf49ad2ef18703e3f121

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=6090e433a5d89192, intid;desc=6090e433a5d89192
content-length: 989
x-xss-protection: 1; mode=block

GET
H2 200 index.a9509f20.js Show response
www.bahn.de/web/assets/ 421 B
681 B 139ms
138ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/index.a9509f20.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

1a77c4f64c0c83f3e32582e6b89cad2f2f28321fa5870e1b200229af6d033b7c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=f50a883adfacfcc5, intid;desc=f50a883adfacfcc5
content-length: 295
x-xss-protection: 1; mode=block

GET
H2 200 index.1fa5dfc9.js Show response
www.bahn.de/web/assets/ 608 B
791 B 139ms
139ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/index.1fa5dfc9.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

01f7e947926fa57c8f3af67c932506ffb002f80a7b0cac5a3ea791f795ec3223

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=b33991995e49c84a, intid;desc=b33991995e49c84a
content-length: 403
x-xss-protection: 1; mode=block

GET
H2 200 index.dc56ef81.js Show response
www.bahn.de/web/assets/ 278 B
621 B 139ms
139ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/index.dc56ef81.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

cca4b51c1d65bdef529e54f6fc29f8a822e54450a0eeda52f0bf89ed5e83a38e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=3f7963bc9d6b5b57, intid;desc=3f7963bc9d6b5b57
content-length: 233
x-xss-protection: 1; mode=block

GET
H2 200 chunk-XRMBFVPO.6f266fc5.js Show response
www.bahn.de/web/assets/ 1 KB
1 KB 140ms
140ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/chunk-XRMBFVPO.6f266fc5.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

0f9e0ff82673ced31905bf2c91da26b3e06cf452ba7772bdb503269fa2046f2e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=26fd5c102c13ac15, intid;desc=26fd5c102c13ac15
content-length: 894
x-xss-protection: 1; mode=block

GET
H2 200 DBWebSegmentedButton.a007c730.js Show response
www.bahn.de/web/assets/ 2 KB
2 KB 140ms
140ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebSegmentedButton.a007c730.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

b431422c64293f284aa4d2448e2c027342f5f2a20a8ff2b0234a86f5efba1a95

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=e64701c49c017717, intid;desc=e64701c49c017717
content-length: 1156
x-xss-protection: 1; mode=block

GET
H2 200 useReisendenTyp.e9caf113.js Show response
www.bahn.de/web/assets/ 318 B
646 B 141ms
141ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/useReisendenTyp.e9caf113.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

0bbe5f25d9378d2dfa28b0b11b9c571229e426719935c6272f19cdce1cd7cfdf

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=8e36a6c4ae76d250, intid;desc=8e36a6c4ae76d250
content-length: 261
x-xss-protection: 1; mode=block

GET
H2 200 index.7318dd13.js Show response
www.bahn.de/web/assets/ 243 B
595 B 141ms
141ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/index.7318dd13.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

7e35564c2874bd1f57bfbbab79c4be474b6e9ff4ddd9f9cffe561633964bee74

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=30abfad54a921649, intid;desc=30abfad54a921649
content-length: 210
x-xss-protection: 1; mode=block

GET
H2 200 GKBadge.5ead8808.js Show response
www.bahn.de/web/assets/ 727 B
824 B 142ms
142ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/GKBadge.5ead8808.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

f4e34d88d84c0c0cef1f1e81a8a0b8bef3a5147ca4db96bd4b489379770a538a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=f9c04e6d64acca66, intid;desc=f9c04e6d64acca66
content-length: 438
x-xss-protection: 1; mode=block

GET
H2 200 DBWebBadge.a865fd3f.js Show response
www.bahn.de/web/assets/ 588 B
790 B 142ms
142ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebBadge.a865fd3f.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

a1cb6eb57d3158c7a2be27b257b7d075ae66530d80171e356be4fae3e913ffaa

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=f3a205db6c1b6671, intid;desc=f3a205db6c1b6671
content-length: 404
x-xss-protection: 1; mode=block

GET
H2 200 ReiseloesungHeading.f58dd9d5.js Show response
www.bahn.de/web/assets/ 24 KB
8 KB 143ms
143ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/ReiseloesungHeading.f58dd9d5.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

99b7f715df94f37c18ff45f6ca5a90710a426b45d92ea7b4c04dd22fe8833363

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=444f080c5a13fff1, intid;desc=444f080c5a13fff1
content-length: 7497
x-xss-protection: 1; mode=block

GET
H2 200 mapVerbindungToConnection.f8440a35.js Show response
www.bahn.de/web/assets/ 4 KB
2 KB 143ms
143ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/mapVerbindungToConnection.f8440a35.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

e7c5688a3cac0b6ce258fe30abbf4e143bbc528cacee49c50b8e587c0413e3b1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=92871af2a6ae38ec, intid;desc=92871af2a6ae38ec
content-length: 1896
x-xss-protection: 1; mode=block

GET
H2 200 DBWebVerbundLogo.dcbe2778.js Show response
www.bahn.de/web/assets/ 390 KB
101 KB 144ms
144ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebVerbundLogo.dcbe2778.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

41ba136fc49be44c237f7783297cc4af2f770e3a9c790e2eb9599775869564b7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=a85ae016542376dd, intid;desc=a85ae016542376dd
content-length: 102511
x-xss-protection: 1; mode=block

GET
H2 200 price.filter.fa28b5b6.js Show response
www.bahn.de/web/assets/ 624 B
812 B 146ms
146ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/price.filter.fa28b5b6.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

bac4ca98264570f363d5b9d4b028c22f64eb48008585d61c03dea5baca093910

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=8b9ccbddddee6901, intid;desc=8b9ccbddddee6901
content-length: 426
x-xss-protection: 1; mode=block

GET
H2 200 FootnoteKey.ca4163e6.js Show response
www.bahn.de/web/assets/ 458 B
635 B 147ms
147ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/FootnoteKey.ca4163e6.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

bb2e60fe83bda728a9638a060e59a0a56cf71cb6d220ea6546e8c89dd5f6487a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 07 Nov 2023 14:28:12 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=3a633fbc57011ba1, intid;desc=3a633fbc57011ba1
content-length: 249
x-xss-protection: 1; mode=block

GET
H2 200 FootnoteReference.9493ea74.js Show response
www.bahn.de/web/assets/ 1 KB
1 KB 147ms
147ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/FootnoteReference.9493ea74.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

d6392f68ffa861518d9aaa5c45911e37505470b9b82ba12c466f050bff0e29fd

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=77106b2ca56fb19e, intid;desc=77106b2ca56fb19e
content-length: 698
x-xss-protection: 1; mode=block

GET
H2 200 SchnellsteVerbindungenInfo.b7246707.js Show response
www.bahn.de/web/assets/ 1 KB
1 KB 148ms
148ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/SchnellsteVerbindungenInfo.b7246707.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

e1bbd1dbfea928a446ea3108fda9b1e297daaf62886caad3f7006f7a15cf25c5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=39aa0602cafd5d59, intid;desc=39aa0602cafd5d59
content-length: 680
x-xss-protection: 1; mode=block

GET
H2 200 ErmaessigungsInfo.5fbcade1.js Show response
www.bahn.de/web/assets/ 8 KB
3 KB 148ms
148ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/ErmaessigungsInfo.5fbcade1.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

73c5822311f7a9a7ca001119926d0b6e7a023673f9cce489d4fa9f287b1fa15d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=c702ca4fa481b8aa, intid;desc=c702ca4fa481b8aa
content-length: 3109
x-xss-protection: 1; mode=block

GET
H2 200 Reiseloesung_Error.8950c4cf.js Show response
www.bahn.de/web/assets/ 2 KB
947 B 149ms
149ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/Reiseloesung_Error.8950c4cf.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

f1e4c0642236f8df01b58ea1879aa65c366b7cef752f25c1442acec8109d3e61

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 07 Nov 2023 14:28:12 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=b901f0d5f1b5c80d, intid;desc=b901f0d5f1b5c80d
content-length: 561
x-xss-protection: 1; mode=block

GET
H2 200 Footnotes.d95901f7.js Show response
www.bahn.de/web/assets/ 2 KB
1 KB 149ms
149ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/Footnotes.d95901f7.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

a612dffa2ecf4e3b4f3a09bd58c226fe40aa7eb3c4788a0f5cac0dc20b835e13

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=c83384912ed12637, intid;desc=c83384912ed12637
content-length: 731
x-xss-protection: 1; mode=block

GET
H2 200 ReiseloesungSucheStateBuilder.74642ee7.js Show response
www.bahn.de/web/assets/ 9 KB
4 KB 150ms
150ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/ReiseloesungSucheStateBuilder.74642ee7.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

bcddefa1eba89cea909d31d61c6890177bcd08c3ed9f4b3774523764d5dd1fb6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=47c5468ac0d1f516, intid;desc=47c5468ac0d1f516
content-length: 3268
x-xss-protection: 1; mode=block

GET
H2 200 chunk-GFNPMEUK.23d36f52.js Show response
www.bahn.de/web/assets/ 186 B
563 B 150ms
150ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/chunk-GFNPMEUK.23d36f52.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

a20c07f60c6cd2380e624f676fbc84b12fc8f0798672f09d91868530c68cd33e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=9954f17381962130, intid;desc=9954f17381962130
content-length: 175
x-xss-protection: 1; mode=block

GET
H2 200 selectedConnectionInfoEvent.be95eed6.js Show response
www.bahn.de/web/assets/ 624 B
722 B 151ms
151ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/selectedConnectionInfoEvent.be95eed6.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

5c7668a878b1cc9151a80f257f99e89924602906d443d29075b1c64c9f8d0c2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=979ca5817620d8c0, intid;desc=979ca5817620d8c0
content-length: 336
x-xss-protection: 1; mode=block

GET
H2 200 chunk-UDRMHBLZ.41df889d.js Show response
www.bahn.de/web/assets/ 134 B
505 B 151ms
151ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/chunk-UDRMHBLZ.41df889d.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

a26b30c21448738e83671123715b8f6ee678191201b85313c00e28d80539136f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Thu, 09 Nov 2023 07:55:13 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=5acf3933a3817e65, intid;desc=5acf3933a3817e65
content-length: 117
x-xss-protection: 1; mode=block

GET
H2 200 injectOrThrow.c23e81d5.js Show response
www.bahn.de/web/assets/ 315 B
637 B 152ms
152ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/injectOrThrow.c23e81d5.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

38a793bb065c60afcdc8d33e5afadf5d8cc0568bcca326f049a0ddd6b3de103f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=f4af7e40da397f34, intid;desc=f4af7e40da397f34
content-length: 250
x-xss-protection: 1; mode=block

GET
H2 200 isRequestRelatedError.d4a84838.js Show response
www.bahn.de/web/assets/ 334 B
643 B 152ms
152ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/isRequestRelatedError.d4a84838.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

af657d088492834535995e53a79501a852eb35e8af7a759be5bbb549727d244d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=6c184b12fa959b88, intid;desc=6c184b12fa959b88
content-length: 255
x-xss-protection: 1; mode=block

GET
H2 200 BuchungsstreckeHeading.de357f59.js Show response
www.bahn.de/web/assets/ 1 KB
1 KB 153ms
152ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/BuchungsstreckeHeading.de357f59.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

01a689202bce9d320dc72d3b90706e82947360b5dbea9b90f985589a007180a4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=401d5d3fd36cd610, intid;desc=401d5d3fd36cd610
content-length: 666
x-xss-protection: 1; mode=block

GET
H2 200 useVerbindungWithAngeboteLoader.dc1eb604.js Show response
www.bahn.de/web/assets/ 5 KB
3 KB 153ms
153ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/useVerbindungWithAngeboteLoader.dc1eb604.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

26bb83e2811c42df860523507be66830c525c628c784c6837085b12f8c3b6578

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=c9ddbdf231280d48, intid;desc=c9ddbdf231280d48
content-length: 2199
x-xss-protection: 1; mode=block

GET
H2 200 IsInt.eb8c1087.js Show response
www.bahn.de/web/assets/ 409 B
669 B 153ms
153ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/IsInt.eb8c1087.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

802602ccd1a4c31105dbc8aeff1be5c1a5575f36e5f49ecac73ceb9038531d2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=fc0f20b361acad33, intid;desc=fc0f20b361acad33
content-length: 283
x-xss-protection: 1; mode=block

GET
H2 200 Min.123e99f2.js Show response
www.bahn.de/web/assets/ 803 B
752 B 154ms
154ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/Min.123e99f2.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

47d4655162e0685ab441b0ee183143a6ff985a9f6acdc40edf931e5e79c258e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=390e8b874f1c73f0, intid;desc=390e8b874f1c73f0
content-length: 364
x-xss-protection: 1; mode=block

GET
H2 200 useBahnBonusService.fdace615.js Show response
www.bahn.de/web/assets/ 315 B
624 B 154ms
154ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/useBahnBonusService.fdace615.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

c6b1ee8c368f304ac10b821b831309e4dc0a9833ec27e519483cef0c8d5c4bce

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=587ef5678edce1ea, intid;desc=587ef5678edce1ea
content-length: 238
x-xss-protection: 1; mode=block

GET
H2 200 DBWebButtonGroup.6f1e45f5.js Show response
www.bahn.de/web/assets/ 635 B
800 B 155ms
155ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebButtonGroup.6f1e45f5.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

bfd8608e0312db5cd6a6d592d2724bb5aee7d65a75f5cb07132b0d4b58b57d2f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=28b73928e17c1f99, intid;desc=28b73928e17c1f99
content-length: 414
x-xss-protection: 1; mode=block

GET
H2 200 DBWebAccordionClassic.e0ffd275.js Show response
www.bahn.de/web/assets/ 4 KB
2 KB 155ms
155ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebAccordionClassic.e0ffd275.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

d294e2359a8b24fa7be4e96787386d028102c8fb049ed61b85867a6d9d798eee

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=9291b0b9622e38c4, intid;desc=9291b0b9622e38c4
content-length: 1422
x-xss-protection: 1; mode=block

GET
H2 200 DBWebTextInput.f37ece2e.js Show response
www.bahn.de/web/assets/ 7 KB
3 KB 156ms
156ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/DBWebTextInput.f37ece2e.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

d69a27dd491c440f738cf473bc5f340dc55593fee41ba1c160f54f31e6af3392

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=44d5cbcbd3d22dca, intid;desc=44d5cbcbd3d22dca
content-length: 2635
x-xss-protection: 1; mode=block

GET
H2 200 Purchase_Fail.570b6df0.js Show response
www.bahn.de/web/assets/ 3 KB
1 KB 156ms
156ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/Purchase_Fail.570b6df0.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

c464103336e41cc2e5c54bd751d89acc07ec0acd2c400bf9ead08e55d73b7e16

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 07 Nov 2023 14:28:12 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=f985f63c839984ef, intid;desc=f985f63c839984ef
content-length: 787
x-xss-protection: 1; mode=block

GET
H2 200 MaintenanceModeService.da83658f.js Show response
www.bahn.de/web/assets/ 575 B
729 B 157ms
137ms Script
application/javascript 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/assets/MaintenanceModeService.da83658f.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

9903c8f08b7a60bc5b0ddbd26b210c57938b0836d67ddaa76cbfb403ee77718e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; font-src data:; img-src data:;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src 'none'; font-src data:; img-src data:;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Nov 2023 11:47:38 GMT
last-modified: Tue, 21 Nov 2023 12:22:58 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
server-timing: intid;desc=ca8a314e6a7ae770, intid;desc=ca8a314e6a7ae770
content-length: 343
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 35 KB
35 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a8bfbc5e86ee82e3e365ce66ebde1af587b445a147105dcdd5a3854314cbc25

Request headers

Referer
Origin: https://www.bahn.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ 926 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 706ec89bddee8ae8c38eb1843d067485fe8ab19a2706f54fa358ba08f8690ee3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 201 fahrplan Show response
www.bahn.de/web/api/angebote/ 25 KB
25 KB 226ms
226ms XHR
application/json 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/web/api/angebote/fahrplan

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/web/assets/common.97c9e711.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

Resource Hash

4cd2d991664904090e98d4d2d21a26934e2ec72065c3269d61e325b40dc1bfb8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
x-correlation-id: c102b678-0f42-4fc6-9251-20b61452ca2d_a12d9912-1eb2-4f1e-8c76-8bb05741be71
Referer: https://www.bahn.de/buchung/fahrplan/suche
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: application/json; charset=UTF-8

Response headers

date: Mon, 27 Nov 2023 11:47:38 GMT
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
etag: W/"624e-x61ZxrJLAYi7wBnNzzDkqYl5J6M"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-store, max-age=0
server-timing: intid;desc=dd14bf95ab2c9edf, intid;desc=dd14bf95ab2c9edf
content-length: 25166
x-xss-protection: 1; mode=block

GET
H2 200 utag.1.js Show response
cms.static-bahn.de/tms/next-main/ 66 KB
22 KB 8ms
8ms Script
application/javascript 2600:9000:214f:2400:c:198:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.static-bahn.de/tms/next-main/utag.1.js?utv=ut4.49.202311071145
Requested by: Host: cms.static-bahn.de
URL: https://cms.static-bahn.de/tms/next-main/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:2400:c:198:5740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 238b0984417a5d226432e199d044e8fd4985076f2fceff525f586eff548421be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: luFvznCI0ygnQSYZGJkuAEEO8Abcbsa6
content-encoding: gzip
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
date: Sun, 26 Nov 2023 13:31:23 GMT
last-modified: Fri, 24 Nov 2023 07:25:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 80177
x-amz-server-side-encryption: AES256
etag: W/"4c7164d14d70880e14fc64113c90f9e1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: d-tIdRtu0mX3nLZXBfkhGL4e_-lLdDk8amUFFmIj5yHooRulMe-1CQ==

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb0c59815f617cb1a06bfb78fb43b72a06706cf1bdb0d4d1624831a54edd3d1b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 904 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9065c66465cfef5c4bebb8bf15771c117c417f006e256633ed0471f27790f515

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 s73664484015032 Show response
www.bahn.de/st/b/ss/dbbahnprod/1/JS-2.23.0/ 43 B
835 B 81ms
81ms XHR
image/gif 95.101.148.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/st/b/ss/dbbahnprod/1/JS-2.23.0/s73664484015032

Requested by

Host: cms.static-bahn.de
URL: https://cms.static-bahn.de/tms/next-main/utag.1.js?utv=ut4.49.202311071145

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-133.deploy.static.akamaitechnologies.com

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/buchung/fahrplan/suche
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 27 Nov 2023 11:47:38 GMT
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; frame-src 'self' https: db-bordgastronomie.de ps.bahn.de; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options: nosniff
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 28 Nov 2023 11:47:38 GMT
server: jag
etag: 3653053634765553664-4617910314591229485
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.bahn.de
cache-control: private, no-cache, no-store, no-transform
access-control-allow-credentials: true
expires: Mon, 27 Nov 2023 11:47:38 GMT

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
accounts.bahn.de/auth/realms/db/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: 89c8f39e-8885-40fc-a783-01725ca50783.rh-sso-7b7c6b4dc8-m9hds
accounts.bahn.de/auth/realms/db/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: 89c8f39e-8885-40fc-a783-01725ca50783.rh-sso-7b7c6b4dc8-m9hds
accounts.bahn.de/auth/realms/db/	1970-01-20 16:31:27	Name: IDM_SID Value: bef72c00-ecac-4957-9548-19a0e954a86b
accounts.bahn.de/auth/realms/db/	1969-12-31 23:59:59	Name: TS0135fa4a Value: 0144e11a910d5aae709974b20e710e7aeb566113d4a0895b21552d39a0be661d5af3c0a28650634b6dcc2352ee83a3ba4f48afd6ab
.bahn.de/	1970-01-21 01:17:01	Name: request_consent_v Value: 3
.accounts.bahn.de/	1969-12-31 23:59:59	Name: TS016c400a Value: 0144e11a910d5aae709974b20e710e7aeb566113d4a0895b21552d39a0be661d5af3c0a28650634b6dcc2352ee83a3ba4f48afd6ab
accounts.bahn.de/	1969-12-31 23:59:59	Name: TS51bc32fa027 Value: 0850f34bcdab2000ba5d1706cc5fed4e1f6af94bd8f97c50e30daa5933301aa3a9fdd41228cfdaa808af76f11b113000320a3b25c8b6d0585cf6fbc306b608b6e532684dd15e51dc711cb60ff8134781cb8c78b6850d0eeee03349d6ee0560d8
www.bahn.de/	1969-12-31 23:59:59	Name: TS01309da6 Value: 0144e11a91f6151505bd472a852f8dabc0753f34eb0f4f914cb0f99fb8dd4aeb5dfa5b9213e40ead0039a3df608b22f17c88d86e50
.bahn.de/	1970-01-21 02:07:25	Name: s_ecid Value: MCMID%7C18775690264128441142543066600102131172
.bahn.de/	1969-12-31 23:59:59	Name: AMCVS_5FA50A5953FB37E50A4C98BC%40AdobeOrg Value: 1
.bahn.de/	1970-01-21 02:07:25	Name: AMCV_5FA50A5953FB37E50A4C98BC%40AdobeOrg Value: 179643557%7CMCIDTS%7C19689%7CMCMID%7C18775690264128441142543066600102131172%7CMCAID%7CNONE%7CMCOPTOUT-1701092857s%7CNONE%7CvVersion%7C5.5.0
.bahn.de/	1970-01-21 01:17:01	Name: utag_main Value: v_id:018c109b39920008a209dfcd8e5f0307401dd06c00b08$_sn:1$_se:2$_ss:0$_st:1701087458559$ses_id:1701085657490%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:bahn.de
.bahn.de/	1969-12-31 23:59:59	Name: s_cc Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://.optimizely.com https://secure.pay1.de https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://.bahn.com 'unsafe-inline' https://dig-aboprod.noncd.db.de https://ucm-eu.verint-cdn.com; connect-src 'self' https://p11.techlab-cdn.com https://www.jsctool.com https://jsctool.com https://assets.static-bahn.de wss://.m-pathy.com https://.m-pathy.com https://dmp.adform.net https://siteintercept.qualtrics.com https://logx.optimizely.com https://.optimizely.com https://hcaptcha.com https://.hcaptcha.com https://collect.tealiumiq.com https://dig-aboprod.noncd.db.de https://accounts.bahn.de https://ucm-eu.verint-cdn.com https://hoover-eu.verint-api.com wss://hoover-eu.verint-api.com; frame-src 'self' https://cms.static-bahn.de https://secure.pay1.de https://hcaptcha.com https://.hcaptcha.com https://.bahn.de https://www.abo-bahn.de https://db.novafind.eu https://kundenkarte-db.mvv-muenchen.de https://transport.novafind.eu https://db-streckenagent.hafas.de https://a791773171.cdn.optimizely.com/ https://.m-pathy.com https://nextalert-db.nexterite.eu https://s-bahn-muenchen-live.de https://garantien-formular.cs100.force.com https://accounts.bahn.de https://db-bordgastronomie.de https://ersatzkarte-dbregiobusnord.de https://dbaw.specials-bahn.de https://anreiseservice.specials-bahn.de https://analytics.geops.de https://.sbahnm.geops.de https://fipo.deutschebahn.com https://fahrinfo.vbb.de https://kdialog-garantie.cs174.force.com https://regioforce.my.salesforce-sites.com https://www.jugendticket-nds.de https://ketchum.flyingspoon.de https://a1.adform.net; frame-ancestors 'self'; style-src 'self' https://www.jsctool.com https://jsctool.com https://.m-pathy.com https://hcaptcha.com https://.hcaptcha.com 'unsafe-inline' https://dig-aboprod.noncd.db.de; font-src 'self' https://dig-aboprod.noncd.db.de data:; img-src 'self' https://www.awin1.com https://partner-bahn.de https://cm.g.doubleclick.net https://fcmatch.google.com https://fcmatch.youtube.com https://dmp.adform.net https://cdn.optimizely.com https://.qualtrics.com https://dig-aboprod.noncd.db.de https://assets.static-bahn.de https://.bahn.de https://cms.static-bahn.de data:; media-src 'self' https://assets.static-bahn.de https://*.bahn.de https://cms.static-bahn.de;
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.bahn.de
assets.static-bahn.de
cms.static-bahn.de
www.bahn.de
2600:9000:214f:2400:c:198:5740:93a1
2a02:26f0:480:23::1726:6283
81.200.195.195
95.101.148.133
00521230e8053624727f59a5e5bfebb162b1e43a102925c1b97661d2d5ead7b3
01a689202bce9d320dc72d3b90706e82947360b5dbea9b90f985589a007180a4
01f7e947926fa57c8f3af67c932506ffb002f80a7b0cac5a3ea791f795ec3223
0596aabb5219b7cb11cfc50ba512faafc377c9e2713b95874087330706945962
09fa4305e42884edf43d7d5a6cd742859c557c2d3dfbb4d11c62446cae71fbc9
0bbe5f25d9378d2dfa28b0b11b9c571229e426719935c6272f19cdce1cd7cfdf
0f9e0ff82673ced31905bf2c91da26b3e06cf452ba7772bdb503269fa2046f2e
111e420f042f652f2aa47b9bd095119b0db15eb5b7e2609bd076e1d49c6385c6
12ba61e74e3e4cfa2b5ddf741cc1745a0596a63a772d41a4af8cd6d8c285f9f0
1345e1d3a48894f53b8907e4f4b5befd44337bd8a646a6cfab203609020698cc
13f73943269568906c76699bda3946851599dd19381d496b4cf222cddff8c8ea
152b1a0c0666bd68a1551d28cc8bbd6ee609db84e2b4f50c5f1b0644ad3c07db
197be260b9d7d1e294764119d0d174c910b9bf0d15a18ffb9db1df2680b975f3
1a77c4f64c0c83f3e32582e6b89cad2f2f28321fa5870e1b200229af6d033b7c
1d4bc379097e73bd0e8ebb81b310c4289e48d6abe704ffda98bde685266eba16
1dc358539a6e69b332f27b71f073b29265836ea4b38310c792c55ade575ad6b2
1ecf196b80f91afda84c6e4af44b6c7637708c113874b3a59dc1c30de548469e
1f7e5b253c8596ea83eb443d82f48501a8a5adeb50714796d09f68cf9a6deb54
238b0984417a5d226432e199d044e8fd4985076f2fceff525f586eff548421be
26bb83e2811c42df860523507be66830c525c628c784c6837085b12f8c3b6578
27e6925f959c76a69735856bbb465201448b1f93b1504128b25572d9f31fab6c
27ef68d60fd0abbd4450c9a09342531bc7c796ad48b0adc55343d4df8960675f
29f714462d768657d5edf11794b0884e85b4fd77a5bb2ddae9848c1e8804005f
2a099aa4dde3f0459c0a483a7c3669a541005fec780aca970b8cff7a8a6c5a90
2b4a1c582d29ea291030c4e91f42af2d02bca9af088e02b9342ede8fa33d9ee9
314f54dcd84b879f6c246679386fa61f8fbe3a3c6bca86a7f67801758b8e7965
31b2a5dd6d57d0f22b73c634793d47e6779245a2137415b9df4f1651e4f0eab5
35a50147c3a73c41c086702830ee0bd746cd7b0ce0d385299f9152d9a31385e4
37b30865c1263054ab95ca1b1df1631d37d3bcfff74ca2620c2bfe6674a74f08
38a793bb065c60afcdc8d33e5afadf5d8cc0568bcca326f049a0ddd6b3de103f
38b326e885de85bfb70e72ecb3a5ba6f5fd2b87e61a3d0cb95a073be3b3016f9
3a542c022fcd8fe7bf9517b7fa9172f6df7864c3223d497c2f911cd3ef13b2d2
3b13343e9bfd74be61a21ab4f295455bf303548e298ed48cebdce70db8c64a67
3dda9bc2e37ec03f042f8963a7b18d71962c2e12ef4222602e58a092c78e1548
41ba136fc49be44c237f7783297cc4af2f770e3a9c790e2eb9599775869564b7
41f6cfa39b171ab33269b67f1dc29443b2ec799ea2497e727eadf525173de0e8
450d0b7419dd3e77f8c0c2eec121515c251a1994e8ee926fee92893c1d72f240
47d4655162e0685ab441b0ee183143a6ff985a9f6acdc40edf931e5e79c258e0
4a99e4fd02590f62df0fad869eb24cd14358e36433bc6c891c2dd07a11b33dd5
4b7ba8961733ed7ff0924f59e45c62d8fd6e050fc92596580e7b8a9d53ec4e93
4b8c64fb6b3fc278d7d0fd6b823ee1446c1c39728d037183cc73ea602a24833a
4c414616660c07e2ee9312c9da0f75f89e529b5a9758ec1a247e39a47d9ccbfd
4c9951d2e91bf613d354f4d2f20d69df0ae3bcfffcef1b5abded73f584a10730
4cd2d991664904090e98d4d2d21a26934e2ec72065c3269d61e325b40dc1bfb8
4ded44f0fdcd69985d21221928d490fe5d9d7f983e952de5219937f1e7a6fdf1
51c6d54f6b8c4ecf64f39e0c6ac7cfff4548769378fc7608737a810abf052bce
545ebd8e887b3462267ad13153a1de45dc44c6579d88291d4533e90b802ba362
547dd953eef952c98ea17e6874941982c8e955e36bfdcc3c5cc0329c91c2a808
54b8368758a5a3f2a27831cb6227098bfdc167f83f38909ce6efddba70d133df
552ccb3f945896e6d60b1a344534b281556c510d191322fb5d61a8e62e536cc9
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
5638d3ccb5ea97954b9d681d74804bd4d7b701581c10514da4024c09cc2b27ca
5a3d0f0be66fc07422e90dfe626f47b751dff515a0d0d119f01a3688ac44b62a
5b4c48613f264e663679a0d37526f4f2738856c34dd2a7d6f644f299527f3fdf
5c7668a878b1cc9151a80f257f99e89924602906d443d29075b1c64c9f8d0c2a
5d68f4ebcbfdc9fff1fea4c9893924d4e7b1422ba455d99cb3c0fb44f25b06c7
5d7f7c81dcf84f3c857053816c76333720a88fadcc1f9139ae45d447e0bcb1f8
62fb174a1c4ebcc4ef03294296ba95adb126c1c1798c2858cc3840d43d8ac422
640c44164fde240005362c50120b593d37182855ebd763182d8d6009879df5eb
6506e14536fa1c33275d6ce81de2560e727532f9e2850d7cc02c0da071ae3aa8
6565f827b8c4678937e4e26f98779af77304e1d87f3e81ebbafcc51b34cf7f9c
65f565612a6f3dcf726ae9c607d93bcbc83701d2e5ec044c091d2ad2373b3417
680d40a3a1fce25ba1a159a9e6562de072101a4accca56224fea2814d14d5577
6837e9c30f1e53290cc2d972f63c2afe8b362e78da0193d8695d26159e00e674
6a308277f8e36e73b73097416a03107fcb9d8584142088be643c4ed730e68bc5
6b0e9c7a69c8b8e35ff33e2dc6a023245bd2dbdc5fff009ea0a143000eebe436
6be54627e77c3684134c32c0ac7805e5f918b5fb763a332c7141538ac56b13be
6c2b001b3b45665759530bee4409cd2e9ecc0396957365e5e002a2f33e7dc239
6eac3691cf1b74983b5c8fe34c4c30d32683011805392da5c118c82859275a38
70074d8ac8ccdc7215df39c8214462358c5d4c2792c0e9392a15936df938c54a
706ec89bddee8ae8c38eb1843d067485fe8ab19a2706f54fa358ba08f8690ee3
73c5822311f7a9a7ca001119926d0b6e7a023673f9cce489d4fa9f287b1fa15d
757fe485e5e3121166f2a1a2e41c203438fafda4b7bc7b15a168936dd849ef96
77af2a0ad30ebbfbdedd14721c33aedcaade729b1b776e634bcff8035ce1eaea
7aad204487ca152fd0cb78c9d883a1be6afa983c1788f7538014af616874d709
7c89d49a07ce79456ab62663984b53393320484c1ddc7c5be11c455fdcc84a9b
7e35564c2874bd1f57bfbbab79c4be474b6e9ff4ddd9f9cffe561633964bee74
802602ccd1a4c31105dbc8aeff1be5c1a5575f36e5f49ecac73ceb9038531d2a
816268916c196472db74215ed31342f7affbd96373ab15ff1998a4370ef26e91
81dc68a2f8c70b95b59783b05962063fde1c2e0fe3849019d21bb55efd895b63
8219711a6e026ca567b0b5c810229105826a4f628d96338e3fb958dcc5893153
829682c1ce65385e15545eb3ffcfd199c469a4bb90a8eb61b8a7b53f076378a1
83b7fa88145b21aa784a562234a0552bcd275e6a4339c1eb6c73f03b10823a63
83c91239552f9d34aa7d58e30cbac15133acbab2ce8d7d00b87871edfa106d69
8a66a8160eb49e544aa1fc5e33c164c6287a047cdf2b2ba0e75630daf72a8a47
8a8bfbc5e86ee82e3e365ce66ebde1af587b445a147105dcdd5a3854314cbc25
8dbbef7c02af0606677aaba5dd6dd942a1dffef7c2a29247ed54d37602324206
8e04ee1aeda1980025084d1393df4f306c133bea1e4efb09747cbd73ec9af537
9065c66465cfef5c4bebb8bf15771c117c417f006e256633ed0471f27790f515
9562ce5831e0240ebcbaa93d8f37255835cf3a64bfa567781e547a9a71d70c76
963282dd296f31c44a75dbef7cdc980ecb15b05a17360359a095e65fef8e747f
9903c8f08b7a60bc5b0ddbd26b210c57938b0836d67ddaa76cbfb403ee77718e
99b7f715df94f37c18ff45f6ca5a90710a426b45d92ea7b4c04dd22fe8833363
9a947927320bf29ce6f712ce520d3fa4a141461112c8c644407d58aefb7be5db
9b15b59b22b34bdbbc6f6496b1370f27e1e2e92108351d3fd00792f907c9f30f
9ba7319051bb586b77a46b5aa7a664f577f1e95a78be1129f12476deeef241c7
9db0261d570144e2b54bf14b243cecd977f7562ee2ccfa4380f81cc7e3ab5acc
a1c7041316581c4f7fd7707079c8095fad5248cea2df8a2c4c888da495931fe0
a1cb6eb57d3158c7a2be27b257b7d075ae66530d80171e356be4fae3e913ffaa
a20c07f60c6cd2380e624f676fbc84b12fc8f0798672f09d91868530c68cd33e
a26b30c21448738e83671123715b8f6ee678191201b85313c00e28d80539136f
a26d6baa1a5e064d607db7964dd1364a1fc7259d90ba6d65591fe04a806ac131
a59877d62361a79e3c61e969b9857adf21833a58723cc063024bfec92f3e4b44
a5c3182d9aff15a8471d6884f019c45e971ebfe9934a1750cc82a8bc39c96701
a609359bcf6cd1e8a3bb69e0900519caaf4170a6c0c2420da24af2e3ae26b9d6
a60a6064ac1724bb0abd0c82cc440ed072cb972ec5262430b5b42c7c859d37d1
a612dffa2ecf4e3b4f3a09bd58c226fe40aa7eb3c4788a0f5cac0dc20b835e13
a68f3cc34f4a6e40fcf8c14780178acb25729d7aec04bf49ad2ef18703e3f121
a69df7da3da63d9252601211a7bd6a90422d86bf0e38b59ee30d68913ee38ecd
a6b178254f6e162400bdecaf0779fc7374f790fed9347442047facf63d926a26
a6c15f31adf98b1b6d38c8b1afb9113630e7730b29ca1381f069cb31099d8a6b
a72a5fb0f797fe70842d3384945bd6fa5146232ab8f8949757df3c83231e2c1c
a7c59928f6fe7dcd1b8f4a1ef10b6468ec00fa588786d254a1d8c165c0603f8d
a8b335696632c914980ed29a2bff1b412f9f419bf44f02eefd6c972564846a12
aad41f4a1d38af1c73782a592b949530142afeef4eb29d08dbe193a9149f01c8
ab44186bf3e4edb65aea6a6585721f2177951c4bb8f82c192bfd4d646aa533f0
ac850d458b1443353c2e4acf1dfbcc8ef559a4c3a54477156f89dba9d8ff5f09
af657d088492834535995e53a79501a852eb35e8af7a759be5bbb549727d244d
b0b830ecfcd5dcc352dcbcb4461bbcaa9da40f5336c358a5f71536d456b02d7f
b2fa8040b86c516fb60b2502fa496dfb6728e677b2b8d38b1c2bb16333aa3f3f
b431422c64293f284aa4d2448e2c027342f5f2a20a8ff2b0234a86f5efba1a95
b4885ef8fdb6b3cd92bf75d2e2892ca8ab5643fd16645768229afae9286ddf49
b740573a6985f00d83fe22264ad82569f7914034de3bd0167d7c536bd973e9fd
b92f762eb77ef043e523d27fc3bd6a61423663d877c5129f3e65145c37176bbc
bac4ca98264570f363d5b9d4b028c22f64eb48008585d61c03dea5baca093910
bb0c59815f617cb1a06bfb78fb43b72a06706cf1bdb0d4d1624831a54edd3d1b
bb2e60fe83bda728a9638a060e59a0a56cf71cb6d220ea6546e8c89dd5f6487a
bbd5a134190030a84e4648653bace9063f9de7c02c7d0a87d93bc37bfa087018
bcddefa1eba89cea909d31d61c6890177bcd08c3ed9f4b3774523764d5dd1fb6
bde4df2738e2a15708b61d33962d5ec17db5b88ee794381dacd6f912fa46d3a1
be84f4d78b5deaf8f95458b388be0bb784dc1de330ae4b0be42bb7209e5dc154
bfd8608e0312db5cd6a6d592d2724bb5aee7d65a75f5cb07132b0d4b58b57d2f
c3175aad9661803ce60e86d601a455ef7f97578a04fbb3fe02de7a06f8b32825
c464103336e41cc2e5c54bd751d89acc07ec0acd2c400bf9ead08e55d73b7e16
c4896e9354bdf9844b3035bca86f20a54229afad29d396db147cbe678a66b15e
c4cfc0e8861ffd36172a2f69f3a53a4afb7a632b78f24a1933888aebc316deb4
c545a5aa779cc7b3fc5906069b3885f4279234891a9de0cfbd677a6cbd3a5d76
c6b1ee8c368f304ac10b821b831309e4dc0a9833ec27e519483cef0c8d5c4bce
cca4b51c1d65bdef529e54f6fc29f8a822e54450a0eeda52f0bf89ed5e83a38e
ccc59f70c381eacd004feb05d22610a9dd2c64901a78ff5be124eaa2d6fa8fd5
ccd9b919f3c143d65a90975d667564d17998df5aedb3b6e99aeb2eb8fa226b93
cd306dd5bc9e3adaa81f472d678ac3116b3a7655889f577b4810cdcdedf05733
ce2f409b0939ac7139ac85f892113c919d2820f589e0eca7aaab6379b8b06ddb
ce9910b7175f7ff54e0b70fb106e3fbd5f8c86b91ab3720a28dcdd677a5e1d78
cedfa471f97c2a2bf4c265748a98734773e7625a7ff7c5f7d9c2e866888f7aec
d294e2359a8b24fa7be4e96787386d028102c8fb049ed61b85867a6d9d798eee
d6392f68ffa861518d9aaa5c45911e37505470b9b82ba12c466f050bff0e29fd
d69a27dd491c440f738cf473bc5f340dc55593fee41ba1c160f54f31e6af3392
d74fc704ce0c29d3c6fb0846a4d236de99804ac60bda78c73419f440b1d6eced
d822b97f8e936a43c38624a33c9df6ba7a418cacc3aa67ffa6ddcc119d4aad81
d94894332082135766996807fe098b2f2a37b74f2f09bbc218578d9ff9981a53
da1617a9a8adfeacee06c6271bcc53eb9017109ad3e1125488d676190dc5affe
dcc874713fcf9a5130c5cea6aeb46cb9f44795daccea8756d32a53cae2ee28e4
e1bbd1dbfea928a446ea3108fda9b1e297daaf62886caad3f7006f7a15cf25c5
e349f08ef2bbd0b0cbf65b912d0d1a9a6409253b7ab8e979473e0c3ce5deea07
e3a7027ad69c8f11c1b36990c25823a14382524bf2b61b9ca4fad2afdda5cd40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ef7e5610124d9d2b70dd34e64fbf4f56ce0a0959d32bfc6bccddd329afdf06
e7c5688a3cac0b6ce258fe30abbf4e143bbc528cacee49c50b8e587c0413e3b1
ea2953b5e04e18c17730bf07a2dc6686ceefa09fcf634e2a67ce3b5a5c38d6de
eaa6397295435a5c32ba615dcaa627149c1a5beccf7220e06349726093c951f5
ecbd5665d90fad3273c392ac3d9e4bf584a367fb77d770ab27b586d65a9e7001
edf7745207202cee75801b0604fb69b993cb323a7f7c67084e3aa9d4aab3fdd9
efa8b08192daa3f7e2415c8e09f84599d0c01cc4c0be1c0e37209abac38fa582
efb6f8479192826d16401c81a6d66e06b75793cf696d4cd917084715316a4df8
f1c3fd1b87a4d5158d2d27d16b6d91b0d832d603b46629cf122406a9cc1245b8
f1e4c0642236f8df01b58ea1879aa65c366b7cef752f25c1442acec8109d3e61
f1ea6f7ad22cdac8227d86e2e08400f1cef93c9058db57c1718572bd40757ec0
f40ba29f5f1dea8c9f9480a3e6d344ca90b3b3226b9509115e5898feefd6230b
f4e34d88d84c0c0cef1f1e81a8a0b8bef3a5147ca4db96bd4b489379770a538a
f549a47fb1eee8143875a3c6f0829ffcbf85a30326b0ba5cb4afd8941bd403a9
f6abc604ebd6b5988e4dd9f7a049a50de9deacbe808dfccac6d7d6c69892cc85
f7edc24269b1241d62c812ed6313ac7895ca8c37ca88f484a41858407c9263a0
f8e2e1a340e5f7ec9d39d04a6192fa216bf444f848e45753e3b7f9ee44f2ce59
fd5e7205a389805ea4a47728c689b136ab600045b37fca2072075e2c731997d7
ffdbaa1252e69de9c0e8aad08c6410fe72a43360a442e31cc42e94038fd0677e

www.bahn.de Open in urlscan Pro 95.101.148.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

164 Requests

100 %HTTPS

50 %IPv6

2 Domains

4 Subdomains

5 IPs

2 Countries

2310 kBTransfer

8126 kBSize

13 Cookies

9 Outgoing links

Redirected requests

164 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bahn.de Open in urlscan Pro
95.101.148.133 Public Scan

Screenshot
Live screenshot

Full Image

164
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

4
Subdomains

5
IPs

2
Countries

2310 kB
Transfer

8126 kB
Size

13
Cookies

164 HTTP transactions
12 data transactions