urlscan.io logo urlscan.io
SecurityTrails logo

www.bahn.de Open in urlscan Pro
104.111.217.230  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.bahn.de/bahncard-pin
Effective URL: https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Submission: On July 28 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 6 countries across 9 domains to perform 57 HTTP transactions. The main IP is 104.111.217.230, located in Netherlands and belongs to AKAMAI-AS, US. The main domain is www.bahn.de.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on January 10th 2020. Valid for: a year.
This is the only time www.bahn.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 30 104.111.217.230 16625 (AKAMAI-AS)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 54.80.74.201 14618 (AMAZON-AES)
1 23.37.32.235 16625 (AKAMAI-AS)
1 2.16.187.49 20940 (AKAMAI-ASN1)
1 2.17.191.240 16625 (AKAMAI-AS)
2 15.188.154.177 16509 (AMAZON-02)
2 81.200.197.91 34156 (BAHN-AS-BLN)
1 2 37.157.6.245 198622 (ADFORM)
2 37.157.5.71 198622 (ADFORM)
5 104.17.209.240 13335 (CLOUDFLAR...)
2 2600:9000:214... 16509 (AMAZON-02)
1 3 37.157.3.30 198622 (ADFORM)
3 104.111.236.172 16625 (AKAMAI-AS)
2 213.202.235.10 24961 (MYLOC-AS ...)
1 178.250.2.151 44788 (ASN-CRITE...)
2 54.164.184.100 14618 (AMAZON-AES)
57 17
30    104.111.217.230 (Netherlands)

ASN16625 (AKAMAI-AS, US)
www.bahn.de
1    2a02:26f0:6c00:183::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
cdn.optimizely.com
1    54.80.74.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
vis.optimizely.com
1    23.37.32.235 (Netherlands)

ASN16625 (AKAMAI-AS, US)
cdn3.optimizely.com
1    2.16.187.49 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
www.static-bahn.de
1    2.17.191.240 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
a791773171.cdn.optimizely.com
2    15.188.154.177 (Paris, France)

ASN16509 (AMAZON-02, US)
st.bahn.de
2    81.200.197.91 (Germany)

ASN34156 (BAHN-AS-BLN, DE)
ps.bahn.de
2    37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
2    37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)
s2.adform.net
5    104.17.209.240 (United States)

ASN13335 (CLOUDFLARENET, US)
zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com
siteintercept.qualtrics.com
2    2600:9000:214f:3600:1e:7aca:b8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.m-pathy.com
3    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
3    104.111.236.172 (Netherlands)

ASN16625 (AKAMAI-AS, US)
www.img-bahn.de
2    213.202.235.10 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
2    54.164.184.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
logx.optimizely.com
Domain Requested by
30 www.bahn.de 2 redirects www.bahn.de
4 siteintercept.qualtrics.com zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com
3 www.img-bahn.de ps.bahn.de
3 track.adform.net 1 redirects s2.adform.net
2 logx.optimizely.com cdn.optimizely.com
2 m.exactag.com www.bahn.de
m.exactag.com
2 cdn.m-pathy.com www.bahn.de
cdn.m-pathy.com
2 s2.adform.net www.bahn.de
2 dmp.adform.net 1 redirects s2.adform.net
2 ps.bahn.de www.bahn.de
www.img-bahn.de
2 st.bahn.de www.bahn.de
1 sslwidget.criteo.com www.bahn.de
1 zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com www.bahn.de
1 a791773171.cdn.optimizely.com cdn.optimizely.com
1 www.static-bahn.de www.bahn.de
1 cdn3.optimizely.com cdn.optimizely.com
1 vis.optimizely.com cdn.optimizely.com
1 cdn.optimizely.com www.bahn.de
57 18
Subject Issuer Validity Valid
www.bahn.de
DigiCert SHA2 Extended Validation Server CA		 2020-01-10 -
2021-04-07		 a year crt.sh
cdn.optimizely.com
DigiCert SHA2 Secure Server CA		 2020-01-20 -
2021-03-20		 a year crt.sh
vis.optimizely.com
Amazon		 2020-05-26 -
2021-06-26		 a year crt.sh
*.optimizely.com
DigiCert SHA2 Secure Server CA		 2020-01-20 -
2021-03-20		 a year crt.sh
subsites.bahn.de
Let's Encrypt Authority X3		 2020-07-13 -
2020-10-11		 3 months crt.sh
*.cdn.optimizely.com
GeoTrust RSA CA 2018		 2020-03-05 -
2021-06-04		 a year crt.sh
st.bahn.de
DigiCert SHA2 High Assurance Server CA		 2020-03-02 -
2021-06-09		 a year crt.sh
ps.bahn.de
Let's Encrypt Authority X3		 2020-06-13 -
2020-09-11		 3 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.qualtrics.com
DigiCert SHA2 Secure Server CA		 2018-10-08 -
2021-01-06		 2 years crt.sh
*.m-pathy.com
Amazon		 2020-01-28 -
2021-02-28		 a year crt.sh
www.img-bahn.de
DigiCert SHA2 Secure Server CA		 2020-02-19 -
2021-04-14		 a year crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA		 2019-08-28 -
2021-09-13		 2 years crt.sh
*.criteo.com
DigiCert ECC Secure Server CA		 2020-06-22 -
2020-09-20		 3 months crt.sh
logx.optimizely.com
DigiCert SHA2 High Assurance Server CA		 2018-10-01 -
2020-10-05		 2 years crt.sh

This page contains 6 frames:

Primary Page: https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Frame ID: 65976C73DC0B1B559C9E0B9FF598A464
Requests: 48 HTTP requests in this frame

Frame: https://www.static-bahn.de/media/view/mdb/media/w/skyscraper/skyscraper.html
Frame ID: 1D298D04F8BB40630EE9AC0A6B8B2AEE
Requests: 1 HTTP requests in this frame

Frame: https://a791773171.cdn.optimizely.com/client_storage/a791773171.html
Frame ID: A607D17576FAABA6D3D0FA2C69AFAD8E
Requests: 1 HTTP requests in this frame

Frame: https://ps.bahn.de/common/content/html/lmiframe.html
Frame ID: E08581710EB9950B0077B1B2A5DE5344
Requests: 5 HTTP requests in this frame

Frame: https://m.exactag.com/pi.aspx?campaign=4bb3a5de3602f335b9ba113928205e62&pitype=Content&convtype=&rnd=ncEK5FKZgJ6z&items=%7B%22type%22%3A%22Content%22%2C%22conversiontype%22%3A%22%22%2C%22referrer%22%3A%22%22%2C%22host%22%3A%22www.bahn.de%22%2C%22site%22%3A%22%2Fp%2Fview%2Fbahncard%2Fbahncard-services%2Fbahncard-kuendigen.shtml%22%2C%22search%22%3A%22%22%2C%22protocol%22%3A%22https%3A%22%2C%22campaign%22%3A%224bb3a5de3602f335b9ba113928205e62%22%2C%22screensize%22%3A%22%22%2C%22pitype%22%3A%22%22%2C%22uk%22%3A%22%22%2C%22trackingURL%22%3A%22%2F%2Fm.exactag.com%22%2C%22cdnURL%22%3A%22%2F%2Fcdn.exactag.com%22%2C%22sitegroup%22%3A%22Content%22%2C%22category_name%22%3A%22BAHN_PVE_DEU_DE%22%2C%22page_name%22%3A%22BAHN_PVE_DEU_DE_bahncard_bahncard-services_bahncard-kuendigen%22%7D
Frame ID: 98E9864828C49100B8A0C6F9E6E5A55A
Requests: 1 HTTP requests in this frame

Frame: https://m.exactag.com/px.aspx?id=51a6f0c6b0c54d488bb74618245a499b
Frame ID: E0698DF47A9BF11FF721D7A2E0805E33
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.bahn.de/bahncard-pin HTTP 301
    https://www.bahn.de/bahncard-pin HTTP 301
    https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Page Statistics

57
Requests

100 %
HTTPS

12 %
IPv6

9
Domains

18
Subdomains

17
IPs

6
Countries

1131 kB
Transfer

3519 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.bahn.de/bahncard-pin HTTP 301
    https://www.bahn.de/bahncard-pin HTTP 301
    https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://dmp.adform.net/audiencetag/adformat.js HTTP 301
  • https://s2.adform.net/banners/scripts/audiencetag/adformat.js
Request Chain 36
  • https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request bahncard-kuendigen.shtml
www.bahn.de/p/view/bahncard/bahncard-services/
Redirect Chain
  • http://www.bahn.de/bahncard-pin
  • https://www.bahn.de/bahncard-pin
  • https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
60 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb74042b418bcdd0c457a5faec42ec14180d5721cda7e9d1b4d9749768038919
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.bahn.de
:scheme
https
:path
/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
content-type
text/html
server
AmazonS3
x-amz-id-2
NPwq6Sjx+QBKGhuxQrcnNz81mtyd0RI475LBRREmcD7MxiCosXa1TEbndAwKMkxfFfKv9HtQo2k=
x-amz-request-id
FA62F58FCFB2D71C
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=600
date
Tue, 28 Jul 2020 11:18:04 GMT
content-length
12946
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload

Redirect headers

status
301
content-type
text/html; charset=iso-8859-1
content-length
286
server
Apache
x-sp
1566
location
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
cache-control
max-age=600
date
Tue, 28 Jul 2020 11:18:04 GMT
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
portal.min.css
www.bahn.de/common/view/static/006728fd/responsive/css/ 		470 KB
98 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/common/view/static/006728fd/responsive/css/portal.min.css
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0eeb1970197799a537566bf5554142fcf91a1b04368c735d6319ed35a2f53f15
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
73FFA7480252F04F
status
200
vary
Accept-Encoding
content-length
99778
x-amz-id-2
DJRQtyhaGXYJHmYA3Bbdc1lWJAiTfQBUHGvIfROVemlNknc1r+huKC+S6goNLZujnj3FESlT/tw=
server
AmazonS3
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges
bytes
softlogin.min.js
www.bahn.de/common/view/static/006728fd/responsive/js/ 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/common/view/static/006728fd/responsive/js/softlogin.min.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26ea31e0c6520a6f3e814e67b70d4e70dde85659b3f9184935d265f45bfb1931
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
AA3FB47D135D4956
status
200
vary
Accept-Encoding
content-length
18289
x-amz-id-2
HzUia4KpupvtXMD2SPWgtQo0ni+1cMypP/6hBKZlMNzjYlij0t7DR4yLjFstkSoS+13JxK8BINk=
server
AmazonS3
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
text/javascript
x-xss-protection
1; mode=block
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges
bytes
8033263973.js
cdn.optimizely.com/js/ 		919 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/8033263973.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:183::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56fb342794cf1d6baa3a1a631bc9520e5ee0303935b094e08b4c4f930a88ae85
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
KIxbqn4Av322pIMqRdV7Us5.cjmX4OCc
content-encoding
gzip
etag
"2c348592ee1ed7dfcb063f6eb1f5a2c8"
x-amz-request-id
CN9N2ZDXAMAH1KCP
status
200
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET, HEAD
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:183::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary
Accept-Encoding
content-length
203181
x-amz-id-2
j0EpRz01THe19rr7h2agl2IGWBbTnpkM5nvKhIz0tSTjlvN3MK6ka5iZc3mdz7UMawlsB9TeMFo=
last-modified
Fri, 24 Jul 2020 16:15:38 GMT
server
AmazonS3
date
Tue, 28 Jul 2020 11:18:04 GMT
access-control-max-age
86400
strict-transport-security
max-age=15768000
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=1200
x-amz-meta-revision
16503
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
modernizr-2.8.3.min.js
www.bahn.de/common/view/static/006728fd/js/lib/modernizr/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/common/view/static/006728fd/js/lib/modernizr/modernizr-2.8.3.min.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d47dd07cd116fce4a58ea5ce7aa349bf5904de7f30d69e131cf4f7be3b088d1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
E7A7BB4B87144AD0
status
200
vary
Accept-Encoding
content-length
4530
x-amz-id-2
/mTY/pF39EAM9zCzg9LBtgfgod+dJcfTJOa3mlqGcqcJVPDXY61SPeZqCPIj4nb++vk0q8r12To=
server
AmazonS3
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
text/javascript
x-xss-protection
1; mode=block
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges
bytes
db_em_rgb_100px.svg
www.bahn.de/common/view/static/v8/img/ 		828 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bahn.de/common/view/static/v8/img/db_em_rgb_100px.svg
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da1617a9a8adfeacee06c6271bcc53eb9017109ad3e1125488d676190dc5affe
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
D0977DBA4E8052AD
status
200
vary
Accept-Encoding
content-length
480
x-amz-id-2
JB2ojXAbxx0cC0S9g+FM0H/K7Vx0OcHjIiDcjAdal3xI9D7eWMkN4YwGe1pTXQMQKazv64FVS0I=
server
AmazonS3
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
image/svg+xml
x-xss-protection
1; mode=block
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges
bytes
mdb_233885_menschen_banking_shutterstock_220953274_980x246_cp_0x294_980x540.jpg
www.bahn.de/p/view/mdb/bahnintern/fahrplan_und_buchung/bahn.corporate/schritt_fuer_schritt_anleitungen/2016_bahnbusiness/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bahn.de/p/view/mdb/bahnintern/fahrplan_und_buchung/bahn.corporate/schritt_fuer_schritt_anleitungen/2016_bahnbusiness/mdb_233885_menschen_banking_shutterstock_220953274_980x246_cp_0x294_980x540.jpg
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
ae087a2243826b3288c86d06406df81758f917b638a3a4b3e9749b2a81997bee
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:05 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Jun 2020 08:03:11 GMT
server
Akamai Image Manager
x-frame-options
SAMEORIGIN
content-type
image/webp
status
200
cache-control
private, no-transform, max-age=333966
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-length
30032
x-xss-protection
1; mode=block
expires
Sat, 01 Aug 2020 08:04:11 GMT
mdb_290350_bahncard-verlorenreisezentrum1200x631_300x147_cp_0x0_1200x586.jpg
www.bahn.de/p/view/mdb/bahnintern/bahncard/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bahn.de/p/view/mdb/bahnintern/bahncard/mdb_290350_bahncard-verlorenreisezentrum1200x631_300x147_cp_0x0_1200x586.jpg
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
c55ae44749cbab9ef3f82f2afc6ea078e6231eee6fd379810cf0aec2a69917fb
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:05 GMT
x-content-type-options
nosniff
x-check-cacheable
YES
x-serial
1862
x-frame-options
SAMEORIGIN
content-type
image/webp
status
200
cache-control
private, no-transform, max-age=394917
last-modified
Sat, 06 Jun 2020 00:54:11 GMT
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-length
13034
x-xss-protection
1; mode=block
server
Akamai Image Manager
expires
Sun, 02 Aug 2020 01:00:02 GMT
portal-content.min.js
www.bahn.de/common/view/static/006728fd/responsive/js/ 		320 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/common/view/static/006728fd/responsive/js/portal-content.min.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
783cd752ba1e87c0471b0e26653bcce2b862037e6be45bf45a73ae831bb845d5
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
6E6EE066941E2058
status
200
vary
Accept-Encoding
content-length
97284
x-amz-id-2
sACsr7/Rtx/tTrAR8aOrG/26meATwjc2H00CSR8MfZTSBO5/3AQBs11OVPA7aFqkcLpd89HE3eg=
server
AmazonS3
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
text/javascript
x-xss-protection
1; mode=block
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges
bytes
s_code.min.js
www.bahn.de/common/view/static/006728fd/js/lib/omniture/ 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/common/view/static/006728fd/js/lib/omniture/s_code.min.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9bd75d01213161905c0278231326126f5066ae7753e9b492b999417e0c2cfbef
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
12B6A9039201ADA2
status
200
vary
Accept-Encoding
content-length
37926
x-amz-id-2
70eaB4PeICjvhl8ExLlyyXMwu0MBUK9OcE3VB5PtK/IqX8os966vAdY16MW9GZivBwkkm4cap1M=
server
AmazonS3
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
text/javascript
x-xss-protection
1; mode=block
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges
bytes
oeu1595935085104r0.6824687576974
vis.optimizely.com/api/targeting/8033263973/8512265067/ 		1 KB
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vis.optimizely.com/api/targeting/8033263973/8512265067/oeu1595935085104r0.6824687576974
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/8033263973.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.74.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx / Express
Resource Hash
c79794c138e5fbd4cd7f71ff73fdf314f170a6cccb08b4a9e7180f996f376b24

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 28 Jul 2020 11:18:05 GMT
Content-Encoding
gzip
ETag
W/"-1045647723"
Server
nginx
X-Powered-By
Express
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bahn.de
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
284
geo2.js
cdn3.optimizely.com/js/ 		294 B
701 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn3.optimizely.com/js/geo2.js
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/8033263973.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.32.235 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b921326acd3710a7fa4520c750c02a372d018d69ac1254e2ba60b12ff7c6c7

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
Y1BKPK.c9lIaZx2uYj8JMWZye_vJfrh9
Server
AmazonS3
x-amz-request-id
0C0611D4BAE5A557
ETag
"adadfc5d7afd13e353d9d52cec1c7827"
Content-Type
application/javascript
Cache-Control
max-age=50190
Date
Tue, 28 Jul 2020 11:18:05 GMT
Connection
keep-alive
Content-Length
294
x-amz-id-2
7v0jVdsDaVuFkloSm87Qp6eTjuyP3PKOTOeNPgoo0dISWdPFABuwtcQ1rnDyYMzNGxMcwJUf2zw=
svg-sprites.svg
www.bahn.de/common/view/static/006728fd/responsive/img/ 		324 KB
88 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/common/view/static/006728fd/responsive/img/svg-sprites.svg
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57411817a143622eed003cea060d984b2762a4f8f59031aca3e31d41482bf81e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
8A27523FCE407C91
status
200
vary
Accept-Encoding
content-length
89114
x-amz-id-2
pdK4N0UGJYhoAIgCl5N8Z5tSNJgp/qE5Qjs4EAyylHU1Z6Gccy4zdJWUSUz9aNuWY3lVeeeGmMY=
server
AmazonS3
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
image/svg+xml
x-xss-protection
1; mode=block
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges
bytes
icon-s73bc5bf69c.png
www.bahn.de/common/view/static/006728fd/responsive/img/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bahn.de/common/view/static/006728fd/responsive/img/icon-s73bc5bf69c.png
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a009bf98437ed2e896bfc56f9838b6ca83aac7f96989e971dbc6ad2ccc49b572
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/common/view/static/006728fd/responsive/css/portal.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:05 GMT
x-content-type-options
nosniff
server
AmazonS3
x-amz-request-id
87281D28440A0897
x-frame-options
SAMEORIGIN
x-amz-id-2
ESJdZ1ZMM6oidkSltIjdKUdnQWvuLYjXenk43kyzmoDMg9pzg5AB+UeD9sDgoSnQ7RqTolLvR8g=
content-type
image/png
status
200
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
accept-ranges
bytes
content-length
54236
x-xss-protection
1; mode=block
bg_nav_active_left.png
www.bahn.de/common/view/static/006728fd/responsive/img/ 		132 B
680 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bahn.de/common/view/static/006728fd/responsive/img/bg_nav_active_left.png
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a231b219fd33beeca8baa0abecbb684d31fe0d154a25a092510d607a38637ea8
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/common/view/static/006728fd/responsive/css/portal.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:05 GMT
x-content-type-options
nosniff
server
AmazonS3
x-amz-request-id
26C8C123F0673029
x-frame-options
SAMEORIGIN
x-amz-id-2
008tA2/2hoSSxurUxllMS7urfFEk4UkA6K6DnUFU2eZCowx+6lXkSPXEakhTyPiN5SYrG1F1xLE=
content-type
image/png
status
200
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
accept-ranges
bytes
content-length
132
x-xss-protection
1; mode=block
bg_nav_active_right.png
www.bahn.de/common/view/static/006728fd/responsive/img/ 		132 B
681 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bahn.de/common/view/static/006728fd/responsive/img/bg_nav_active_right.png
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5e2c4c5288a46af5b587fe4b6ed5c881dfc8faaf4d76a08c5c2c5fcd74238b3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/common/view/static/006728fd/responsive/css/portal.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:05 GMT
x-content-type-options
nosniff
server
AmazonS3
x-amz-request-id
DF8CB57BF37A924D
x-frame-options
SAMEORIGIN
x-amz-id-2
rNc1MwUIK35DRAYr9yws2VFLCF6LyUaV++Rs1xPg1v6sh9tBmn8f5lmh8PPSp9FS4fx+3/evUwY=
content-type
image/png
status
200
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
accept-ranges
bytes
content-length
132
x-xss-protection
1; mode=block
dbsan03-webfont.woff
www.bahn.de/common/view/static/006728fd/responsive/fonts/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/common/view/static/006728fd/responsive/fonts/dbsan03-webfont.woff
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a39881eeb2cc948083b29f436b57600451670f1d10e390306af0693d2eb44f74
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bahn.de/common/view/static/006728fd/responsive/css/portal.min.css
Origin
https://www.bahn.de

Response headers

date
Tue, 28 Jul 2020 11:18:05 GMT
x-content-type-options
nosniff
server
AmazonS3
x-amz-request-id
74F4C87FD2FE6F2D
x-frame-options
SAMEORIGIN
x-amz-id-2
1x9IHnURYjE7DdkcHHkBZrBIXqb3EZklHLqrcHGhcuv+v7oKDvhHiyLs7plVtd7cFZbj428YhZc=
content-type
binary/octet-stream
status
200
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
accept-ranges
bytes
content-length
48820
x-xss-protection
1; mode=block
db-icons.woff
www.bahn.de/common/view/static/006728fd/responsive/fonts/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/common/view/static/006728fd/responsive/fonts/db-icons.woff?de5f8900bd1b6298cc0ca94466418537
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
09cd6e2e4909e4ec15b7ca38adbff5b37405b4347b1ce0d7b977aee46b005377
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bahn.de/common/view/static/006728fd/responsive/css/portal.min.css
Origin
https://www.bahn.de

Response headers

date
Tue, 28 Jul 2020 11:18:05 GMT
x-content-type-options
nosniff
server
AmazonS3
x-amz-request-id
BBB065BDE5F91FA2
x-frame-options
SAMEORIGIN
x-amz-id-2
LaXfYtoPAnnQ1gaeRBsVES5HGI7KRjwrkqHZchwZwGDqngCAgZewhCh/bzOh9W6LMcaj58DzEgw=
content-type
binary/octet-stream
status
200
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
accept-ranges
bytes
content-length
29320
x-xss-protection
1; mode=block
dbsan06-webfont.woff
www.bahn.de/common/view/static/006728fd/responsive/fonts/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/common/view/static/006728fd/responsive/fonts/dbsan06-webfont.woff
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
298669d559f331c5ac67d881d450cea831ca81576e88cb4663cc315dc91444c7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bahn.de/common/view/static/006728fd/responsive/css/portal.min.css
Origin
https://www.bahn.de

Response headers

date
Tue, 28 Jul 2020 11:18:05 GMT
x-content-type-options
nosniff
server
AmazonS3
x-amz-request-id
AEE9F1B8FE9F5CC6
x-frame-options
SAMEORIGIN
x-amz-id-2
EUrxNHaPy4XWDU401Z7/zG/c+awB7X4mPqowxbk6i1cqgU3EDpKo/14aedmiQYgj0os8UIST0l8=
content-type
binary/octet-stream
status
200
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
accept-ranges
bytes
content-length
48880
x-xss-protection
1; mode=block
skyscraper.html
www.static-bahn.de/media/view/mdb/media/w/skyscraper/ Frame 1D29 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.static-bahn.de/media/view/mdb/media/w/skyscraper/skyscraper.html
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.49 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload

Request headers

:method
GET
:authority
www.static-bahn.de
:scheme
https
:path
/media/view/mdb/media/w/skyscraper/skyscraper.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml

Response headers

status
200
content-type
text/html
server
Apache
last-modified
Thu, 19 Dec 2019 11:16:01 GMT
etag
"fe-59a0cafaa1e40"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-length
186
cache-control
max-age=600
date
Tue, 28 Jul 2020 11:18:05 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
a791773171.html
a791773171.cdn.optimizely.com/client_storage/ Frame A607 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a791773171.cdn.optimizely.com/client_storage/a791773171.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/8033263973.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.191.240 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
a791773171.cdn.optimizely.com
:scheme
https
:path
/client_storage/a791773171.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml

Response headers

status
200
last-modified
Fri, 24 Jul 2020 16:15:08 GMT
etag
"60978565598681bfd306cd301236f1a5"
cache-control
max-age=120
x-amz-id-2
PojBGltSY4An/Ifca/xeoV1hftSP98P4aZ03+4ebsS0GFieod8SuWoB7r1Ke72MCd3uDPfqmXEs=
x-amz-request-id
7A19136175E586F6
x-amz-replication-status
COMPLETED
x-amz-meta-pci_enabled
False
content-encoding
gzip
x-amz-version-id
NYKrTBDP5Mrfj_HZMfRIJVNDg9_kviNz
accept-ranges
bytes
content-type
text/html; charset=utf-8
content-length
773
server
AmazonS3
vary
Accept-Encoding
date
Tue, 28 Jul 2020 11:18:05 GMT
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="33";dur=0,cdnip;desc="2.17.191.240";dur=0,cdnmap;desc="a4343.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security
max-age=15768000
logo-s56974c59c7.png
www.bahn.de/common/view/static/006728fd/responsive/img/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bahn.de/common/view/static/006728fd/responsive/img/logo-s56974c59c7.png
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63e76adcc0eedb478de832846ba15b4f29791b9caabb9b7ad97ea4f2f72e03f9
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/common/view/static/006728fd/responsive/css/portal.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:05 GMT
x-content-type-options
nosniff
server
AmazonS3
x-amz-request-id
D2A358AE771C9676
x-frame-options
SAMEORIGIN
x-amz-id-2
b3HDpbAKfcr70K1GVwIYVVl8NjshD6u6Kue+Ac1uqC2mgqLlDbBn8eakVpAhFaWUuRnP15KUhak=
content-type
image/png
status
200
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
accept-ranges
bytes
content-length
89271
x-xss-protection
1; mode=block
id
st.bahn.de/ 		48 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://st.bahn.de/id?d_visid_ver=4.6.0&d_fieldgroup=A&mcorgid=5FA50A5953FB37E50A4C98BC%40AdobeOrg&mid=61010551374781385713123827328676217086&ts=1595935085311
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/common/view/static/006728fd/js/lib/omniture/s_code.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.154.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
88d5347542ef59e9b4a98658a16663b3477660f425c2268b5cfa0c3c90c02813
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

status
200
date
Tue, 28 Jul 2020 11:18:05 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-7447d85976-ztb5m
vary
Origin
x-c
master-1315.Ia06625.M0-426
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bahn.de
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
utag.js
www.bahn.de/media/view/tms/ 		195 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/media/view/tms/utag.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
3b51760fa571f941a26c2cb43ff53a3a65e556f373ce287e297091beb2027274
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
55934
x-xss-protection
1; mode=block
last-modified
Mon, 22 Jun 2020 14:47:16 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"30a76-5a8ad51a30500"
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
text/javascript
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges
bytes
getjson.pl
www.bahn.de/pbin/ 		104 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/pbin/getjson.pl?name=nav_p&callback=jQuery111009998800844634523_1595935085292&_=1595935085293
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/common/view/static/006728fd/responsive/js/portal-content.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
b1a404915eac18652cd7a78e3e312ca5e457b22d7dc8861a349d15d920e3a3c2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
max-age=180
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
vary
Accept-Encoding
content-length
15902
x-xss-protection
1; mode=block
Cookie set lmiframe.html
ps.bahn.de/common/content/html/ Frame E085 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ps.bahn.de/common/content/html/lmiframe.html
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/common/view/static/006728fd/responsive/js/softlogin.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.200.197.91 , Germany, ASN34156 (BAHN-AS-BLN, DE),
Reverse DNS
Software
Apache /
Resource Hash
a42b9362f2fe150b5cffcb26398b7bd45fd2e694756ada973e6646e820105508
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Host
ps.bahn.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
optimizelyEndUserId=oeu1595935085104r0.6824687576974; AMCV_5FA50A5953FB37E50A4C98BC%40AdobeOrg=-408604571%7CMCIDTS%7C18472%7CMCMID%7C61010551374781385713123827328676217086%7CvVersion%7C4.6.0; s_ecid=MCMID%7C61010551374781385713123827328676217086
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml

Response headers

Date
Tue, 28 Jul 2020 11:18:05 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
2209
Connection
keep-alive
Set-Cookie
AWSALB=0OIUOdMSfanDMaUoKWmfBAizrp4oIaiY+ZMKcKHNJuuOUg2jkBegka2u3WfYFnqOePM8vzgDdQFYe+iKazpmjPk6uXIuXtngOsOwqd0cjmSuAZ2YBkJdbyo6ozaN; Expires=Tue, 04 Aug 2020 11:18:05 GMT; Path=/ AWSALBCORS=0OIUOdMSfanDMaUoKWmfBAizrp4oIaiY+ZMKcKHNJuuOUg2jkBegka2u3WfYFnqOePM8vzgDdQFYe+iKazpmjPk6uXIuXtngOsOwqd0cjmSuAZ2YBkJdbyo6ozaN; Expires=Tue, 04 Aug 2020 11:18:05 GMT; Path=/; SameSite=None; Secure
Server
Apache
Last-Modified
Wed, 22 Jul 2020 07:02:45 GMT
Accept-Ranges
bytes
Strict-Transport-Security
max-age=16070400; includeSubDomains
s19980578748974
st.bahn.de/b/ss/dbbahnprod/1/JS-2.20.0/ 		43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.bahn.de/b/ss/dbbahnprod/1/JS-2.20.0/s19980578748974?AQB=1&ndh=1&pf=1&t=28%2F6%2F2020%2013%3A18%3A5%202%20-120&mid=61010551374781385713123827328676217086&ce=UTF-8&ns=deutschebahn&cdp=2&pageName=BAHN_PVE_DEU_DE_bahncard_bahncard-services_bahncard-kuendigen&g=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Fbahncard%2Fbahncard-services%2Fbahncard-kuendigen.shtml&c.&Rendering=Desktop&Orientierung=Landscape&page_info=0%7C0%2C0x0%2C0x0%2C0%2C&first_page_of_visit=true&load_time=6&.c&cc=EUR&ch=BAHN_PVE_DEU_DE&events=event45%2Cevent46&h1=PVE%3Ebahncard%3Ebahncard-services&c4=BAHN_PVE_DEU_DE&v4=BAHN_PVE_DEU_DE&c22=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Fbahncard%2Fbahncard-services%2Fbahncard-kuendigen.shtml&v22=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Fbahncard%2Fbahncard-services%2Fbahncard-kuendigen.shtml&c24=D%3DpageName&v24=D%3DpageName&c69=logout&v69=logout&v74=D%3DpageName&c75=D%3Dv75&v75=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Fbahncard%2Fbahncard-services%2Fbahncard-kuendigen.shtml&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FA50A5953FB37E50A4C98BC%40AdobeOrg&AQE=1
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.154.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:05 GMT
x-content-type-options
nosniff
x-c
master-1315.Ia06625.M0-426
p3p
CP="This is not a P3P policy"
status
200
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 29 Jul 2020 11:18:05 GMT
server
jag
xserver
anedge-7447d85976-xkx6n
etag
3427244498392285184-4614405766775852053
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Mon, 27 Jul 2020 11:18:05 GMT
utag.140.js
www.bahn.de/media/view/tms/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/media/view/tms/utag.140.js?utv=ut4.45.201910290813
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
709f5477e04e9928057365340b3e93d0cca4e1c363b512fd9527c948675660a6
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
1411
x-xss-protection
1; mode=block
last-modified
Mon, 22 Jun 2020 14:47:16 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"ba7-5a8ad51a30500"
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
text/javascript
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges
bytes
utag.85.js
www.bahn.de/media/view/tms/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/media/view/tms/utag.85.js?utv=ut4.45.201904151138
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
8ff91ea2cb3836345af931568d9a781d458142751d4b4f8c343b55e437aee88f
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
1390
x-xss-protection
1; mode=block
last-modified
Mon, 22 Jun 2020 14:47:16 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"ae0-5a8ad51a30500"
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
text/javascript
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges
bytes
utag.74.js
www.bahn.de/media/view/tms/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/media/view/tms/utag.74.js?utv=ut4.45.201907291243
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
f9068c85829f33495bf270b2b14fe0a7ce37450c7dd4fafa74a36248c703652f
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
1060
x-xss-protection
1; mode=block
last-modified
Mon, 22 Jun 2020 14:47:16 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"813-5a8ad51a30500"
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
text/javascript
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges
bytes
utag.139.js
www.bahn.de/media/view/tms/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/media/view/tms/utag.139.js?utv=ut4.45.201912030818
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
3665de45aa70eed668e71a2eb924c2d099533cf3f933c7c6706eceeb45ed0d8f
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
1362
x-xss-protection
1; mode=block
last-modified
Mon, 22 Jun 2020 14:47:16 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"ba1-5a8ad51a30500"
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
text/javascript
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges
bytes
utag.41.js
www.bahn.de/media/view/tms/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/media/view/tms/utag.41.js?utv=ut4.45.202004141226
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
0780f30ac6a490520ebb8edace035a9f249bb2d8733b473c7f621fb4d322e8f7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
5519
x-xss-protection
1; mode=block
last-modified
Mon, 22 Jun 2020 14:47:16 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"616b-5a8ad51a30500"
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
text/javascript
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges
bytes
utag.33.js
www.bahn.de/media/view/tms/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/media/view/tms/utag.33.js?utv=ut4.45.202006221255
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
cd5bbe7a7b4a9d8e8a02455a6e9e0716380fc3b25f2346321f61e49ac4fe900e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
4179
x-xss-protection
1; mode=block
last-modified
Mon, 22 Jun 2020 14:47:16 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"4b90-5a8ad51a30500"
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
text/javascript
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges
bytes
utag.14.js
www.bahn.de/media/view/tms/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/media/view/tms/utag.14.js?utv=ut4.45.202004141226
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
e54959dcb5f3f52c453e60682fb7b10e6b3f12557205646fa491ea33267127f7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
2349
x-xss-protection
1; mode=block
last-modified
Mon, 22 Jun 2020 14:47:16 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"2103-5a8ad51a30500"
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
text/javascript
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges
bytes
adformat.js
s2.adform.net/banners/scripts/audiencetag/
Redirect Chain
  • https://dmp.adform.net/audiencetag/adformat.js
  • https://s2.adform.net/banners/scripts/audiencetag/adformat.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/audiencetag/adformat.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1c540d0b0157c62f231f4787d5cef5ab466a790b2480bf1d7fa381b50ba16bd0

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:06 GMT
content-encoding
gzip
last-modified
Thu, 09 Jul 2020 13:08:37 GMT
server
nginx
etag
W/"5f0716d5-c6a"
x-cache-status
HIT
status
200
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript

Redirect headers

status
301
date
Tue, 28 Jul 2020 11:18:06 GMT
server
nginx
location
https://s2.adform.net/banners/scripts/audiencetag/adformat.js
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html
/
zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com/SIE/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0lxkzEthotizcTX&Q_LOC=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Fbahncard%2Fbahncard-services%2Fbahncard-kuendigen.shtml&t=1595935085957
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.85.js?utv=ut4.45.201904151138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5d170eb20eaf730083dd359268d5bd0dac93c3fad5510315e1e29b4632424ded
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
461821
cf-polished
origSize=53500
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0436bdedde0000f13e69304200000001
cf-bgj
minify
server
cloudflare
x-powered-by
Express
etag
W/"d0fc-uimkkh6aGgnVagR8t4rmdImK+Hw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
cf-ray
5b9e328fcfc9f13e-ARN
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
a2987.js
cdn.m-pathy.com/js/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.m-pathy.com/js/a2987.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.74.js?utv=ut4.45.201907291243
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:3600:1e:7aca:b8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
35889c55792e2bbb8f1aeb0228fae9b6b634a1766e2f2194c19908c4dda46f65

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Origin
https://www.bahn.de

Response headers

date
Tue, 28 Jul 2020 10:50:14 GMT
content-encoding
gzip
age
1672
x-cache
Hit from cloudfront
status
200
content-length
6084
access-control-allow-origin
*
last-modified
Tue, 28 Jul 2020 10:48:52 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"577b-5ab7e2f5d8e66-gzip"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
Me4jWA9RIROaalnwdI4_8vDp17w-VAlIDqIqiH5hjU6ea4hcx3IGFA==
expires
Tue, 28 Jul 2020 11:50:14 GMT
trackpoint-async.js
s2.adform.net/banners/scripts/st/
Redirect Chain
  • https://track.adform.net/serving/scripts/trackpoint/async/
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
49db29c192d6483c1a023d885acfd928678347cdec9c208d7f78a949c9cf3458

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:06 GMT
content-encoding
gzip
last-modified
Thu, 09 Jul 2020 12:15:04 GMT
server
nginx
etag
W/"5f070a48-13780"
x-cache-status
HIT
status
200
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript

Redirect headers

status
301
date
Tue, 28 Jul 2020 11:18:06 GMT
server
nginx
location
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html
exactag.js
www.bahn.de/media/view/tms/js/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/media/view/tms/js/exactag.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
6b693b7dadf0949d494f4ad8685ae70f74f20a33a32780ebfd5b0517fceae722
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
5428
x-xss-protection
1; mode=block
last-modified
Thu, 19 Dec 2019 11:16:01 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"321a-59a0cafaa1e40"
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
text/javascript
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges
bytes
criteo.js
www.bahn.de/media/view/tms/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/media/view/tms/js/criteo.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
c0ef355534d040550952aac49f300f771c3dcc0d5cd99008015d9d59378bff44
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Accept-Encoding
content-length
5403
x-xss-protection
1; mode=block
last-modified
Thu, 19 Dec 2019 11:16:01 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"3802-59a0cafaa1e40"
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
text/javascript
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges
bytes
loader.js
cdn.m-pathy.com/modules/4.16-164/ 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.m-pathy.com/modules/4.16-164/loader.js
Requested by
Host: cdn.m-pathy.com
URL: https://cdn.m-pathy.com/js/a2987.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:3600:1e:7aca:b8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f06f336560e920dc53969b0e1867da27449b77ffd3f0437b742614de56421062

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Origin
https://www.bahn.de

Response headers

date
Tue, 28 Jul 2020 10:51:39 GMT
content-encoding
gzip
age
1587
x-cache
Hit from cloudfront
status
200
content-length
15101
access-control-allow-origin
*
last-modified
Mon, 02 Mar 2020 12:42:50 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"acff-59fde8666e680-gzip"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
cache-control
max-age=2419200
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
xkxsLP2_vgKBjUiP5Om7mKRxIEV_FeAgXK6PGpXx5bp_DGnouOV_bw==
expires
Tue, 25 Aug 2020 10:51:39 GMT
es6-promise.js
www.img-bahn.de/s3/prod/es//js/ Frame E085 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.img-bahn.de/s3/prod/es//js/es6-promise.js
Requested by
Host: ps.bahn.de
URL: https://ps.bahn.de/common/content/html/lmiframe.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.236.172 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82e5a556f607b2cc1eda8e23198af2925599b002c5c64dc1ae401bd8f50c3708

Request headers

Referer
https://ps.bahn.de/common/content/html/lmiframe.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 28 Jul 2020 11:18:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Jul 2020 07:07:18 GMT
Server
AmazonS3
x-amz-request-id
129BFAAC12C17B35
ETag
"c833d9c873652af4a666772e9930b031"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6686
x-amz-id-2
ri8tbbwVfSell4ckm4avjEoeYt9F0eTK/0KLji0c+uf8W0XbmhioS4eB+z+UYfLFQqxyBtOFY1Y=
Expires
Tue, 28 Jul 2020 11:33:06 GMT
common.js
www.img-bahn.de/s3/prod/es//js/ Frame E085 		29 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.img-bahn.de/s3/prod/es//js/common.js
Requested by
Host: ps.bahn.de
URL: https://ps.bahn.de/common/content/html/lmiframe.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.236.172 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b79c36a7e8a9a7a94b717e60cb5a79976e7ac6c1b899aa02536ee460c9723fa

Request headers

Referer
https://ps.bahn.de/common/content/html/lmiframe.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 28 Jul 2020 11:18:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Jul 2020 07:07:17 GMT
Server
AmazonS3
x-amz-request-id
95B658E915756472
ETag
"34057f636668a1f6f1d15a4de2bc090c"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5489
x-amz-id-2
JvRsaoDkVuT/ZZU4XHPLHn2tVDCOWCaJduhkmjHHvm+/JRkPjSEl/iJLlAHBs4fnCqSesPX4YOo=
Expires
Tue, 28 Jul 2020 11:33:06 GMT
softlogin.js
www.img-bahn.de/s3/prod/es//js/ Frame E085 		117 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.img-bahn.de/s3/prod/es//js/softlogin.js
Requested by
Host: ps.bahn.de
URL: https://ps.bahn.de/common/content/html/lmiframe.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.236.172 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8160cea3ba2e014812ec78ec43b763df6113778f33a59a2387753db538bfbf5

Request headers

Referer
https://ps.bahn.de/common/content/html/lmiframe.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 28 Jul 2020 11:18:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Jul 2020 07:07:18 GMT
Server
AmazonS3
x-amz-request-id
54EB39A8E72EB6CC
ETag
"3ebf8ff5b6e21de20c8220a58d8889f1"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21165
x-amz-id-2
j3xOStuQhlhBlzjovdKL5dYDQ8RIly4aTLLtzI9LgT5cQWx6byQ8CGEM+TG8/KUtLnfdjm8S3JQ=
Expires
Tue, 28 Jul 2020 11:33:06 GMT
pi.aspx
m.exactag.com/ Frame 98E9 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.exactag.com/pi.aspx?campaign=4bb3a5de3602f335b9ba113928205e62&pitype=Content&convtype=&rnd=ncEK5FKZgJ6z&items=%7B%22type%22%3A%22Content%22%2C%22conversiontype%22%3A%22%22%2C%22referrer%22%3A%22%22%2C%22host%22%3A%22www.bahn.de%22%2C%22site%22%3A%22%2Fp%2Fview%2Fbahncard%2Fbahncard-services%2Fbahncard-kuendigen.shtml%22%2C%22search%22%3A%22%22%2C%22protocol%22%3A%22https%3A%22%2C%22campaign%22%3A%224bb3a5de3602f335b9ba113928205e62%22%2C%22screensize%22%3A%22%22%2C%22pitype%22%3A%22%22%2C%22uk%22%3A%22%22%2C%22trackingURL%22%3A%22%2F%2Fm.exactag.com%22%2C%22cdnURL%22%3A%22%2F%2Fcdn.exactag.com%22%2C%22sitegroup%22%3A%22Content%22%2C%22category_name%22%3A%22BAHN_PVE_DEU_DE%22%2C%22page_name%22%3A%22BAHN_PVE_DEU_DE_bahncard_bahncard-services_bahncard-kuendigen%22%7D
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/js/exactag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.202.235.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
6102c8a6e8ca2e05e5acb1b132567035dd73d5c3ba1ac84cb0a467aa79bf0ae3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR", policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection
close
Content-Length
2215
Pragma
no-cache
X-ET-Code
0
Last-Modified
Di, 28 Jul 2020 11:18:06 GMT,Di, 28 Jul 2020 11:18:06 GMT
Server
Microsoft-IIS/8.5
Date
Tue, 28 Jul 2020 11:18:05 GMT
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache
X-ET-Camp
1053
Expires
-1
event
sslwidget.criteo.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sslwidget.criteo.com/event?a=16780&v=4.5.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26ui_db_page%3DBAHN_PVE_DEU_DE_bahncard_bahncard-services_bahncard-kuendigen&p2=e%3Ddis&adce=1
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/js/criteo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c2f93fbf0ae7befd0ea3fef64ee9fe1f8addea7c777e4bbe9fd7b862a3942e0e

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jul 2020 11:18:05 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
timing-allow-origin
*
x-powered-by
ASP.NET
vary
Accept-Encoding
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
status
200
cache-control
no-cache
server-processing-duration-in-ticks
9057
content-type
application/x-javascript
content-length
863
expires
0
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		27 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0lxkzEthotizcTX&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com
URL: https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0lxkzEthotizcTX&Q_LOC=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Fbahncard%2Fbahncard-services%2Fbahncard-kuendigen.shtml&t=1595935085957
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
198302e73735befe4516343aa7658d455c804fb6290725afbb48c0be4f0ef25e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 28 Jul 2020 11:18:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
https://www.bahn.de
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
5b9e329058b3f13e-ARN
vary
Accept-Encoding
cf-request-id
0436bdee360000f13e69309200000001
events
logx.optimizely.com/v1/ 		0
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/8033263973.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.184.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.17.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 28 Jul 2020 11:18:06 GMT
Server
nginx/1.17.2
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.bahn.de
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
8feb2488-aa36-4340-a4e2-50f421cc03f7
cookiesegments
dmp.adform.net/audiencetag/ 		2 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmp.adform.net/audiencetag/cookiesegments?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJBZGZvcm0uRE1QLkNsYWltczo6RGF0YVByb3ZpZGVycyI6IlsxMDU4MV0iLCJpc3MiOiJkbXAtYXBpLmFkZm9ybS5jb20iLCJhdWQiOiJhdWRpZW5jZV90YWdfY29uc3VtZXJfdjEiLCJleHAiOjE4NDY0NzkyOTksIm5iZiI6MTUzMTExOTIzOX0.FJQj3NEIHLPLagWbUeSDroGlMNqPApSp4JsfF5qhvxA
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/audiencetag/adformat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:06 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bahn.de
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
/
track.adform.net/Serving/TrackPoint/ 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/TrackPoint/?pm=646062&ADFPageName=%7Bwww.bahn.de%7D%7C%7BBAHN_PVE_DEU_DE%7D%7C%7BBAHN_PVE_DEU_DE_bahncard_bahncard-services_bahncard-kuendigen%7D&ADFdivider=%7C&ord=212228161773&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjkiOiJ7d3d3LmJhaG4uZGV9fHtCQUhOX1BWRV9ERVVfREV9fHtCQUhOX1BWRV9ERVVfREVfYmFobmNhcmRfYmFobmNhcmQtc2VydmljZXNfYmFobmNhcmQta3VlbmRpZ2VufSJ9&loc=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Fbahncard%2Fbahncard-services%2Fbahncard-kuendigen.shtml
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
20879e3dea59abcfd03d04c5c719fcc08346a7dee16c5cc3f41efe184ff01f46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jul 2020 11:18:06 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
8974
expires
-1
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		87 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com
URL: https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0lxkzEthotizcTX&Q_LOC=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Fbahncard%2Fbahncard-services%2Fbahncard-kuendigen.shtml&t=1595935085957
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
695a90257ebaa0d4053d262d7da44710544c15d1f8da70080ac200fa7cacb1de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
461907
cf-polished
origSize=89652
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0436bdee900000f13e6930a200000001
last-modified
Thu, 23 Jul 2020 02:29:42 GMT
server
cloudflare
x-powered-by
Express
etag
W/"15e34-173798145f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
5b9e3290e9bbf13e-ARN
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
/
track.adform.net/wpf/v2/Fla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2ieQTNHkdn.MqgXK_Pmtd0SHp815LyjaY2.rINj.rINM6uJ6o6e0T.5yjaY1WMsiZRP... 		195 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/wpf/v2/Fla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2ieQTNHkdn.MqgXK_Pmtd0SHp815LyjaY2.rINj.rINM6uJ6o6e0T.5yjaY1WMsiZRPrwXC_JEkNgvlE4yy2XElgebiYMpztNKscKsoUs_43wuZPup_nH2t05oaYAhrcpMxE6DBUr5xj6Kkveara3g9Rk4xf7_OLgiPFMtrs1OeyjaY1vSiwujAUrtnf5jaY2ftckuyPBDjaY2.rINVQdg4CqCqHP6e0Gihmr.S9RdPQSzOy_Aw7UTlf_01kKHoNve2U.0Y.KI3dmidmcKFvj9zApUkVxv5icCmVWN9e4WX3NlY5DtTclY5B5Rhj.JNldj1DxqAeL9.gJ0Nc1lF4XVA4.L9.KNc0FAKXV4JhL90ftctDL90ftctDL9.J1pNc0FAKXV4jMk.96P/serving/trackpoint/?pm=646062&ADFPageName=%7bwww.bahn.de%7d%7c%7bBAHN_PVE_DEU_DE%7d%7c%7bBAHN_PVE_DEU_DE_bahncard_bahncard-services_bahncard-kuendigen%7d&ADFdivider=%7c&ord=212228161773&Set1=en-US%7cen-US%7c1600x1200%7c24&ADFtpmode=2&itm=eyJzdjkiOiJ7d3d3LmJhaG4uZGV9fHtCQUhOX1BWRV9ERVVfREV9fHtCQUhOX1BWRV9ERVVfREVfYmFobmNhcmRfYmFobmNhcmQtc2VydmljZXNfYmFobmNhcmQta3VlbmRpZ2VufSJ9&loc=https%3a%2f%2fwww.bahn.de%2fp%2fview%2fbahncard%2fbahncard-services%2fbahncard-kuendigen.shtml&catdt=0
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ab1b80a484a1d82b3ed7956f247c985f8e28f43426271e6ace95092e4002695f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jul 2020 11:18:06 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
238
expires
-1
Texte
ps.bahn.de/webservices/rest/resource/ Frame E085 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ps.bahn.de/webservices/rest/resource/Texte?r=f6d527a8
Requested by
Host: www.img-bahn.de
URL: https://www.img-bahn.de/s3/prod/es//js/softlogin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.200.197.91 , Germany, ASN34156 (BAHN-AS-BLN, DE),
Reverse DNS
Software
Apache /
Resource Hash
3d851e7348aca9b49ba8bf6d6fc6ac9f3b6722a0d9c28675d848f838f2779878
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://ps.bahn.de/common/content/html/lmiframe.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 28 Jul 2020 11:18:06 GMT
Server
Apache
Connection
keep-alive
Content-Length
1333
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
application/json
12.0da2f5012e49e065e383.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		2 KB
877 B 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/12.0da2f5012e49e065e383.chunk.js?Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com
URL: https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0lxkzEthotizcTX&Q_LOC=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Fbahncard%2Fbahncard-services%2Fbahncard-kuendigen.shtml&t=1595935085957
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
70bf6b2e8fbb9f31e314cc3ff4df9f34f453ada4d0bb7b4362591e30799c74de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
461906
cf-polished
origSize=2639
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0436bdeee30000f13e6930d200000001
last-modified
Thu, 23 Jul 2020 02:29:42 GMT
server
cloudflare
x-powered-by
Express
etag
W/"a4f-173798145f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
5b9e32916ab6f13e-ARN
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
1.2d7df593a54f23d86743.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/1.2d7df593a54f23d86743.chunk.js?Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com
URL: https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0lxkzEthotizcTX&Q_LOC=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Fbahncard%2Fbahncard-services%2Fbahncard-kuendigen.shtml&t=1595935085957
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6823a0f37f2714ae274b147668fe526449deda0d791f6f08505b6e71e21fe4a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 28 Jul 2020 11:18:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
461906
cf-polished
origSize=26960
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0436bdeee30000f13e6930e200000001
last-modified
Thu, 23 Jul 2020 02:29:42 GMT
server
cloudflare
x-powered-by
Express
etag
W/"6950-173798145f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
5b9e32916abdf13e-ARN
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
px.aspx
m.exactag.com/ Frame E069 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://m.exactag.com/px.aspx?id=51a6f0c6b0c54d488bb74618245a499b
Requested by
Host: m.exactag.com
URL: https://m.exactag.com/pi.aspx?campaign=4bb3a5de3602f335b9ba113928205e62&pitype=Content&convtype=&rnd=ncEK5FKZgJ6z&items=%7B%22type%22%3A%22Content%22%2C%22conversiontype%22%3A%22%22%2C%22referrer%22%3A%22%22%2C%22host%22%3A%22www.bahn.de%22%2C%22site%22%3A%22%2Fp%2Fview%2Fbahncard%2Fbahncard-services%2Fbahncard-kuendigen.shtml%22%2C%22search%22%3A%22%22%2C%22protocol%22%3A%22https%3A%22%2C%22campaign%22%3A%224bb3a5de3602f335b9ba113928205e62%22%2C%22screensize%22%3A%22%22%2C%22pitype%22%3A%22%22%2C%22uk%22%3A%22%22%2C%22trackingURL%22%3A%22%2F%2Fm.exactag.com%22%2C%22cdnURL%22%3A%22%2F%2Fcdn.exactag.com%22%2C%22sitegroup%22%3A%22Content%22%2C%22category_name%22%3A%22BAHN_PVE_DEU_DE%22%2C%22page_name%22%3A%22BAHN_PVE_DEU_DE_bahncard_bahncard-services_bahncard-kuendigen%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.202.235.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Host
m.exactag.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
exactag_new_gk=16b36f5ed18442c0a6dbc044acfbce79%7c26.09.2020+11%3a18%3a06; exactag_new_uk=92f9bffba8f94aca9839fb298cb69dfe%7c; session_session=6f790dab87e74290891cec81; exactag_new_user=1053%7c2%7c6f790dab87e74290891cec81%7c01.01.0001+00%3a00%3a00%7c28.07.2020+11%3a18%3a06%7c6f790dab87e74290891cec81%7c68537%7c1753%7cFalse
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml

Response headers

Cache-Control
no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-ET-Code
0
X-ET-Camp
1053
Strict-Transport-Security
max-age=31536000
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Tue, 28 Jul 2020 11:18:05 GMT
Connection
close
Content-Length
346
events
logx.optimizely.com/v1/ 		0
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/8033263973.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.184.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.17.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bahn.de/p/view/bahncard/bahncard-services/bahncard-kuendigen.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 28 Jul 2020 11:18:07 GMT
Server
nginx/1.17.2
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.bahn.de
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
5f79da14-e7ee-403e-baa6-49bf494fddc6

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| DDTools object| digitalData object| bahn object| $jscomp object| de object| ES6Promise object| softlogin undefined| _ object| optimizely object| bahn_customer_id function| optimizely_url_contains function| optimizely_get_param function| optimizelyTracking object| html5 object| Modernizr number| browserWidth function| createSkyframe object| cid object| breakpoints function| BackToTop function| LanguageSelector function| TabNav function| Gallery function| Stage function| Tabs function| Folder function| Datepicker function| Rangeslider function| ResponsiveImage function| Quickfinder function| QuickfinderAuskunft function| QuickfinderSparpreis function| QuickfinderPuenklichkeit function| LoginForm function| MainNav function| Carousel function| Dropdown function| initMap undefined| gscript object| SCRAMBLE object| CMF function| $ function| jQuery object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley object| Mustache string| view string| s_account string| trackingServer string| secureTrackingServer string| visitorNameSpace string| reportSuite function| e string| s_rsaccount object| s number| inHeadTS function| s_getLoadTime function| AppMeasurement_Module_Media function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq object| adobe function| Visitor object| s_c_il number| s_c_in number| s_loadT number| s_objectID number| s_giq function| getCookieValue function| getWebtrackingLoginStatus function| setOmnitureProperties object| utag_data object| jQuery111009998800844634523 string| preSelectionLevel undefined| jQuery111009998800844634523_1595935085292 object| cl object| selected_fields object| s_Obj string| s_PPVid function| s_PPVevent number| s_PPVi number| s_PPVt string| max_initial_percent string| screen_res string| browser_dim number| pixel_dens string| device_ort object| s_i_dbbahnprod boolean| utag_condload object| utag function| ParseUserAgent object| gUtil object| Mpathy object| adf object| _adftrack object| exactag object| criteo_q boolean| mpathy_loaded object| oldQueue object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.31.3 object| Adform function| AdformAT object| KJUR object| _qsie object| fortyone

21 Cookies

Domain/Path Name / Value
m.exactag.com/ Name: exactag_new_user
Value: 1053%7c2%7c6f790dab87e74290891cec81%7c01.01.0001+00%3a00%3a00%7c28.07.2020+11%3a18%3a06%7c6f790dab87e74290891cec81%7c68537%7c1753%7cFalse
m.exactag.com/ Name: exactag_new_gk
Value: 16b36f5ed18442c0a6dbc044acfbce79%7c26.09.2020+11%3a18%3a06
ps.bahn.de/ Name: AWSALBCORS
Value: rnm+csWPIcbo3vV1Hzgt4OTQzhvhPgMRij6zrD0L6/CeVULHcNjwwXICoCf3qOxFOnOM7x85lcXz5HHD9LXmjdBiBNYI/aYjm+/U8Ns+2I5iGoFqJ60Lm2xT0I4M
.bahn.de/ Name: s_ppvl
Value: BAHN_PVE_DEU_DE_bahncard_bahncard-services_bahncard-kuendigen%2C64%2C64%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.bahn.de/ Name: et_gk
Value: 16b36f5ed18442c0a6dbc044acfbce79|26.09.2020 11:18:06
.bahn.de/ Name: et_uk
Value: 92f9bffba8f94aca9839fb298cb69dfe
www.bahn.de/ Name: QSI_HistorySession
Value: https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Fbahncard%2Fbahncard-services%2Fbahncard-kuendigen.shtml~1595935086206
m.exactag.com/ Name: session_session
Value: 6f790dab87e74290891cec81
.bahn.de/ Name: mpt_cookieForErrSites
Value: 0|1597144686051
.bahn.de/ Name: mpt_followpage
Value: 0|1597144686052
.bahn.de/ Name: mpt_rate_comparator_3372
Value: 52.933535847600076|1598527086044
.bahn.de/ Name: mpt_vid
Value: 159593508605390060|1659007086053
.bahn.de/ Name: utag_main
Value: v_id:01739524d5300081a8b3b3d6aae000078004e07000b08$_sn:1$_ss:1$_st:1595936885873$ses_id:1595935085873%3Bexp-session$_pn:1%3Bexp-session$ls:undefined%3Bexp-session
.bahn.de/ Name: s_ecid
Value: MCMID%7C61010551374781385713123827328676217086
.bahn.de/ Name: AMCV_5FA50A5953FB37E50A4C98BC%40AdobeOrg
Value: -408604571%7CMCIDTS%7C18472%7CMCMID%7C61010551374781385713123827328676217086%7CMCAID%7CNONE%7CMCOPTOUT-1595942285s%7CNONE%7CvVersion%7C4.6.0
.bahn.de/ Name: s_cc
Value: true
.bahn.de/ Name: sc_vis
Value: true
ps.bahn.de/ Name: AWSALB
Value: rnm+csWPIcbo3vV1Hzgt4OTQzhvhPgMRij6zrD0L6/CeVULHcNjwwXICoCf3qOxFOnOM7x85lcXz5HHD9LXmjdBiBNYI/aYjm+/U8Ns+2I5iGoFqJ60Lm2xT0I4M
.bahn.de/ Name: s_ppv
Value: BAHN_PVE_DEU_DE_bahncard_bahncard-services_bahncard-kuendigen%2C64%2C64%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.bahn.de/ Name: AMCVS_5FA50A5953FB37E50A4C98BC%40AdobeOrg
Value: 1
.bahn.de/ Name: optimizelyEndUserId
Value: oeu1595935085104r0.6824687576974

32 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.optimizely.com/js/8033263973.js(Line 3697)
Message:
null
console-api log URL: https://cdn.optimizely.com/js/8033263973.js(Line 3697)
Message:
null - customerID should be set
console-api log URL: https://ps.bahn.de/common/content/html/lmiframe.html(Line 14)
Message:
IFr Begin
console-api log URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 46)
Message:
Constructing IframeMain
console-api debug URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 114)
Message:
[StateM] Reading IframeState from cache: null
console-api log URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 55)
Message:
console.groupEnd
console-api log URL: https://ps.bahn.de/common/content/html/lmiframe.html(Line 40)
Message:
IFr End
console-api log URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 46)
Message:
Incoming message 'init'
console-api log URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 46)
Message:
init(https://www.bahn.de:443)
console-api info URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 137)
Message:
[iLogic] checkClientOrigin successsful.
console-api info URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 137)
Message:
[iLogic] Examining cookies...
console-api debug URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 114)
Message:
[iLogic] slstat = null
console-api debug URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 114)
Message:
[iLogic] hlstat = null
console-api info URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 137)
Message:
[iLogic] LoginState is Anonymous
console-api info URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 137)
Message:
[iLogic] Login state remains Anonymous .
console-api info URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 137)
Message:
[iLogic] Checking whether resources need to be loaded eagerly.
console-api debug URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 114)
Message:
[StateM] Writing IframeState to cache: [object Object]
console-api log URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 55)
Message:
console.groupEnd
console-api log URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 55)
Message:
console.groupEnd
console-api log URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 46)
Message:
Incoming message 'load'
console-api log URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 46)
Message:
load(Texte)
console-api info URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 137)
Message:
[iLogic] Connectivity is Connected
console-api info URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 137)
Message:
[iLogic] Data is not in cache.
console-api info URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 137)
Message:
[iLogic] -> loading it from server.
console-api info URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 137)
Message:
[iLogic] Ajax call load(Texte).
console-api log URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 55)
Message:
console.groupEnd
console-api log URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 55)
Message:
console.groupEnd
console-api log URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 46)
Message:
Processing AJAX response for load(Texte)
console-api debug URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 114)
Message:
[iLogic] response = [object Object]
console-api debug URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 114)
Message:
[Cache] Wrote Texte to cache (storage): {"login.hardlogin.logout.value":"Logout","meinestrecken.speichern.keine":"Um Strecken zu speichern, geben Sie in den Feldern \"Von\" und \"Nach\" eine Verbindung ein.","login.hardlogin.begruessung":"Sie sind angemeldet, {0} {1} {2}","meinestrecken.loeschen.tooltip":"Strecke löschen","login.hardlogin.logout.tooltip":"Logout","titel.3":"Prof. Dr.","titel.2":"Prof.","titel.1":"Dr.","titel.0":"","login.softlogin.begruessung":"Herzlich Willkommen, {0} {1} {2}!","meinestrecken.keine.anonym":"Sie haben keine Strecken gespeichert. Im Bereich Meine Bahn können Sie Ihre wichtigsten Strecken hinterlegen und hier abrufen.","meinestrecken.via":"Über","anrede.1":"Frau","login.softlogin.logout.link.tooltip":"Hier melden Sie sich von \"Angemeldet bleiben\" ab und verzichten auf persönliche Angebote und Services.","anrede.0":"Herr","meinestrecken.speichern.gespeichert":"Strecke gespeichert","login.softlogin.logout.link.text":"Abmelden","login.softlogin.logout.value":"Sie sind nicht {0} {1} {2}?","login.softlogin.logout.tooltip":"Durch diesen Klick löschen Sie Ihre Cookies zur Personalisierung auf bahn.de. Mehr Informationen erhalten Sie in unseren Datenschutzhinweisen.","meinestrecken.bearbeiten":"Bearbeiten","meinestrecken.speichern":"Strecke speichern","meinestrecken.speichern.max":"Strecke speichern (max. {0} Strecken)"}
console-api debug URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 114)
Message:
[StateM] Writing IframeState to cache: [object Object]
console-api log URL: https://www.img-bahn.de/s3/prod/es//js/common.js(Line 55)
Message:
console.groupEnd

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a791773171.cdn.optimizely.com
cdn.m-pathy.com
cdn.optimizely.com
cdn3.optimizely.com
dmp.adform.net
logx.optimizely.com
m.exactag.com
ps.bahn.de
s2.adform.net
siteintercept.qualtrics.com
sslwidget.criteo.com
st.bahn.de
track.adform.net
vis.optimizely.com
www.bahn.de
www.img-bahn.de
www.static-bahn.de
zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com
104.111.217.230
104.111.236.172
104.17.209.240
15.188.154.177
178.250.2.151
2.16.187.49
2.17.191.240
213.202.235.10
23.37.32.235
2600:9000:214f:3600:1e:7aca:b8c0:93a1
2a02:26f0:6c00:183::13b8
37.157.3.30
37.157.5.71
37.157.6.245
54.164.184.100
54.80.74.201
81.200.197.91
0780f30ac6a490520ebb8edace035a9f249bb2d8733b473c7f621fb4d322e8f7
09cd6e2e4909e4ec15b7ca38adbff5b37405b4347b1ce0d7b977aee46b005377
0eeb1970197799a537566bf5554142fcf91a1b04368c735d6319ed35a2f53f15
198302e73735befe4516343aa7658d455c804fb6290725afbb48c0be4f0ef25e
1c540d0b0157c62f231f4787d5cef5ab466a790b2480bf1d7fa381b50ba16bd0
20879e3dea59abcfd03d04c5c719fcc08346a7dee16c5cc3f41efe184ff01f46
26ea31e0c6520a6f3e814e67b70d4e70dde85659b3f9184935d265f45bfb1931
298669d559f331c5ac67d881d450cea831ca81576e88cb4663cc315dc91444c7
2b79c36a7e8a9a7a94b717e60cb5a79976e7ac6c1b899aa02536ee460c9723fa
2d47dd07cd116fce4a58ea5ce7aa349bf5904de7f30d69e131cf4f7be3b088d1
31b921326acd3710a7fa4520c750c02a372d018d69ac1254e2ba60b12ff7c6c7
35889c55792e2bbb8f1aeb0228fae9b6b634a1766e2f2194c19908c4dda46f65
3665de45aa70eed668e71a2eb924c2d099533cf3f933c7c6706eceeb45ed0d8f
3b51760fa571f941a26c2cb43ff53a3a65e556f373ce287e297091beb2027274
3d851e7348aca9b49ba8bf6d6fc6ac9f3b6722a0d9c28675d848f838f2779878
49db29c192d6483c1a023d885acfd928678347cdec9c208d7f78a949c9cf3458
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
56fb342794cf1d6baa3a1a631bc9520e5ee0303935b094e08b4c4f930a88ae85
57411817a143622eed003cea060d984b2762a4f8f59031aca3e31d41482bf81e
5d170eb20eaf730083dd359268d5bd0dac93c3fad5510315e1e29b4632424ded
6102c8a6e8ca2e05e5acb1b132567035dd73d5c3ba1ac84cb0a467aa79bf0ae3
63e76adcc0eedb478de832846ba15b4f29791b9caabb9b7ad97ea4f2f72e03f9
6823a0f37f2714ae274b147668fe526449deda0d791f6f08505b6e71e21fe4a7
695a90257ebaa0d4053d262d7da44710544c15d1f8da70080ac200fa7cacb1de
6b693b7dadf0949d494f4ad8685ae70f74f20a33a32780ebfd5b0517fceae722
709f5477e04e9928057365340b3e93d0cca4e1c363b512fd9527c948675660a6
70bf6b2e8fbb9f31e314cc3ff4df9f34f453ada4d0bb7b4362591e30799c74de
783cd752ba1e87c0471b0e26653bcce2b862037e6be45bf45a73ae831bb845d5
82e5a556f607b2cc1eda8e23198af2925599b002c5c64dc1ae401bd8f50c3708
88d5347542ef59e9b4a98658a16663b3477660f425c2268b5cfa0c3c90c02813
8ff91ea2cb3836345af931568d9a781d458142751d4b4f8c343b55e437aee88f
9bd75d01213161905c0278231326126f5066ae7753e9b492b999417e0c2cfbef
a009bf98437ed2e896bfc56f9838b6ca83aac7f96989e971dbc6ad2ccc49b572
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a231b219fd33beeca8baa0abecbb684d31fe0d154a25a092510d607a38637ea8
a39881eeb2cc948083b29f436b57600451670f1d10e390306af0693d2eb44f74
a42b9362f2fe150b5cffcb26398b7bd45fd2e694756ada973e6646e820105508
a8160cea3ba2e014812ec78ec43b763df6113778f33a59a2387753db538bfbf5
ab1b80a484a1d82b3ed7956f247c985f8e28f43426271e6ace95092e4002695f
ae087a2243826b3288c86d06406df81758f917b638a3a4b3e9749b2a81997bee
b1a404915eac18652cd7a78e3e312ca5e457b22d7dc8861a349d15d920e3a3c2
c0ef355534d040550952aac49f300f771c3dcc0d5cd99008015d9d59378bff44
c2f93fbf0ae7befd0ea3fef64ee9fe1f8addea7c777e4bbe9fd7b862a3942e0e
c55ae44749cbab9ef3f82f2afc6ea078e6231eee6fd379810cf0aec2a69917fb
c79794c138e5fbd4cd7f71ff73fdf314f170a6cccb08b4a9e7180f996f376b24
cb74042b418bcdd0c457a5faec42ec14180d5721cda7e9d1b4d9749768038919
cd5bbe7a7b4a9d8e8a02455a6e9e0716380fc3b25f2346321f61e49ac4fe900e
da1617a9a8adfeacee06c6271bcc53eb9017109ad3e1125488d676190dc5affe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54959dcb5f3f52c453e60682fb7b10e6b3f12557205646fa491ea33267127f7
e5e2c4c5288a46af5b587fe4b6ed5c881dfc8faaf4d76a08c5c2c5fcd74238b3
f06f336560e920dc53969b0e1867da27449b77ffd3f0437b742614de56421062
f9068c85829f33495bf270b2b14fe0a7ce37450c7dd4fafa74a36248c703652f