deutschebahn.hitrewards-qa.com
2606:4700::6811:9350  Public Scan

URL: https://deutschebahn.hitrewards-qa.com/
Submission: On July 14 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 41 HTTP transactions. The main IP is 2606:4700::6811:9350, located in United States and belongs to CLOUDFLARENET, US. The main domain is deutschebahn.hitrewards-qa.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 14th 2023. Valid for: a year.
This is the only time deutschebahn.hitrewards-qa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
10 | d11m0dp9ta9w39.cloudfront.net | deutschebahn.hitrewards-qa.com, d11m0dp9ta9w39.cloudfront.net
9 | cdn.builder.io | d11m0dp9ta9w39.cloudfront.net
7 | rti-master-api.hitrewards-qa.com | d11m0dp9ta9w39.cloudfront.net
3 | www.google-analytics.com | deutschebahn.hitrewards-qa.com, www.google-analytics.com
2 | d4466r3vlr9ym.cloudfront.net |
2 | fonts.gstatic.com | fonts.googleapis.com
2 | com-rocketmiles-qa1.collector.snplow.net | deutschebahn.hitrewards-qa.com
2 | deutschebahn.hitrewards-qa.com | static.cloudflareinsights.com
1 | www.googletagmanager.com | deutschebahn.hitrewards-qa.com
1 | cdn.jsdelivr.net | deutschebahn.hitrewards-qa.com
1 | d1fc8wv8zag5ca.cloudfront.net (1 redirects) |
1 | static.cloudflareinsights.com | deutschebahn.hitrewards-qa.com
1 | fonts.googleapis.com | deutschebahn.hitrewards-qa.com
41 13

This site contains no links.

Subject | Issuer | Validity | Valid
deutschebahn.hitrewards-qa.com | Cloudflare Inc ECC CA-3 | 2023-07-14 - 2024-07-13 | a year
upload.video.google.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-10 - 2024-04-09 | a year
*.hitrewards-qa.com | Amazon RSA 2048 M02 | 2023-05-16 - 2024-06-14 | a year
com-rocketmiles-qa1.collector.snplow.net | Amazon RSA 2048 M01 | 2023-02-28 - 2023-10-22 | 8 months
*.gstatic.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months
*.builder.io | Amazon RSA 2048 M01 | 2023-02-22 - 2023-11-28 | 9 months

This page contains 1 frames:

Primary Page: https://deutschebahn.hitrewards-qa.com/
Frame ID: E5A7ACC80CD0BDD7D6453A9498C592EC
Requests: 40 HTTP requests in this frame

Page Title

Deutschebahn Hotels

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

41 Requests
98 % HTTPS
77 % IPv6
10 Domains
13 Subdomains
12 IPs
2 Countries
2428 kB Transfer
9992 kB Size
9 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://d1fc8wv8zag5ca.cloudfront.net/2.6.2/sp.js HTTP 301
  • https://cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.6.2/sp.js

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
deutschebahn.hitrewards-qa.com/
7 KB
4 KB
Document
General
Full URL
https://deutschebahn.hitrewards-qa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9350 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad89c9fe442cf8df9353cd84635817cecfd959649ffecb45092aa71ca565025f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
71
cache-control
max-age=300, public
cf-cache-status
DYNAMIC
cf-ray
7e67805dff859be9-FRA
content-encoding
gzip
content-security-policy
default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-type
text/html; charset=utf-8
date
Fri, 14 Jul 2023 05:52:46 GMT
last-modified
Fri, 14 Jul 2023 01:15:23 GMT
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains
vary
Accept-Encoding
via
1.1 bf7159e30a38421f642619d6da9a8eb4.cloudfront.net (CloudFront)
x-amz-cf-id
5ijB0HzMtLkpcZrxm9X0-_CYmbbY-4Mdyq_C0v37nHZTpqtOgCfkmQ==
x-amz-cf-pop
IAD12-P2
x-amz-expiration
expiry-date="Wed, 13 Sep 2023 00:00:00 GMT", rule-id="staging"
x-amz-id-2
N1mrLFa7c987uIfs31CZoHj6flD7rtv+WXDllsOA2tzDhibUF3URwirDxMfuPY8XIeGSDIJb7UM54C5F2cwAtSDF+/6a5y8gKKbfX4N+/nQ=
x-amz-request-id
AMCH488NQ13YF3A6
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;700&display=swap
Requested by
Host: deutschebahn.hitrewards-qa.com
URL: https://deutschebahn.hitrewards-qa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1185a0b5d20fa32373823d1157053db6003341c2cddd8298a69185cc1db09030
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deutschebahn.hitrewards-qa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Jul 2023 05:52:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Jul 2023 05:17:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jul 2023 05:52:46 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: deutschebahn.hitrewards-qa.com
URL: https://deutschebahn.hitrewards-qa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deutschebahn.hitrewards-qa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 14 Jul 2023 04:35:19 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4647
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 14 Jul 2023 06:35:19 GMT
main.04c97ea87f321534acd8.css
d11m0dp9ta9w39.cloudfront.net/
19 KB
4 KB
Stylesheet
General
Full URL
https://d11m0dp9ta9w39.cloudfront.net/main.04c97ea87f321534acd8.css
Requested by
Host: deutschebahn.hitrewards-qa.com
URL: https://deutschebahn.hitrewards-qa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7a00:16:792e:2d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e6fd4be4d043b5c158cf53c38394cb5cd77a6ad9f5dc1a80cc433ade0e80018

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deutschebahn.hitrewards-qa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 05:52:47 GMT
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Wed, 13 Sep 2023 00:00:00 GMT", rule-id="staging"
last-modified
Fri, 14 Jul 2023 01:15:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
W/"bb04d5073abc05457de6d7a176209c88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
cache-control
max-age=2592000, public
x-amz-cf-id
YcB_He2cCm8s3mOm9Nsi_JnMuJ9PvXzkYNesKnVV8cUW-Zb7fg37UQ==
6.04c97ea87f321534acd8.bundle.js
d11m0dp9ta9w39.cloudfront.net/
7 MB
1 MB
Script
General
Full URL
https://d11m0dp9ta9w39.cloudfront.net/6.04c97ea87f321534acd8.bundle.js
Requested by
Host: deutschebahn.hitrewards-qa.com
URL: https://deutschebahn.hitrewards-qa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7a00:16:792e:2d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a10c661ac3bc3721d576fa7412cfedc349963849301d180bd244a64a3558e296

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deutschebahn.hitrewards-qa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 05:52:47 GMT
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Wed, 13 Sep 2023 00:00:00 GMT", rule-id="staging"
last-modified
Fri, 14 Jul 2023 01:15:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
W/"9759977df5d89251a1a929b3deca22ec"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
x-amz-cf-id
U5RiJJ3I-J38fae59fXvfQQLJq48VQCsJJYXC2jG8-Lrhza1wy01Cg==
v2cb3a2ab87c5498db5ce7e6608cf55231689030342039
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v2cb3a2ab87c5498db5ce7e6608cf55231689030342039
Requested by
Host: deutschebahn.hitrewards-qa.com
URL: https://deutschebahn.hitrewards-qa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af780e357234ceb6feec085a9a31f46834c88c4d3852d79050ad9dc3658a3a67

Request headers

Referer
https://deutschebahn.hitrewards-qa.com/
Origin
https://deutschebahn.hitrewards-qa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 05:52:46 GMT
content-encoding
gzip
last-modified
Mon, 10 Jul 2023 23:05:42 GMT
server
cloudflare
etag
W/2023.7.0
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7e6780622a52bb44-FRA
sp.js
cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.6.2/
Redirect Chain
  • https://d1fc8wv8zag5ca.cloudfront.net/2.6.2/sp.js
  • https://cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.6.2/sp.js
73 KB
27 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.6.2/sp.js
Requested by
Host: deutschebahn.hitrewards-qa.com
URL: https://deutschebahn.hitrewards-qa.com/
Protocol
H2
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6b8ee02bddec67b4e38863e28da563f65c682459773ba2a0800a839bc98755e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deutschebahn.hitrewards-qa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 14 Jul 2023 05:52:46 GMT
x-content-type-options
nosniff
content-encoding
br
age
799797
x-jsd-version
2.6.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
27202
x-served-by
cache-fra-eddf8230040-FRA
x-jsd-version-type
version
etag
W/"125f4-+cg3Iaww3Bw836o4InOCIAyqOtc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

Date
Thu, 13 Jul 2023 13:07:29 GMT
Via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
Age
60318
X-Cache
Hit from cloudfront
Location
https://cdn.jsdelivr.net/gh/snowplow/sp-js-assets@2.6.2/sp.js
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
KBe1BbgAhupZdTYB-2TW8HDbEp5HnxhIipVtBslr3rGC8Vfi2csIaw==
gtm.js
www.googletagmanager.com/
231 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MJBZW8V&l=testarossaDataLayer
Requested by
Host: deutschebahn.hitrewards-qa.com
URL: https://deutschebahn.hitrewards-qa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0be0e6741ad42c218401762ee4f8793cf81c9f609872007b1487fd74c64250ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deutschebahn.hitrewards-qa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 05:52:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81765
x-xss-protection
0
last-modified
Fri, 14 Jul 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 14 Jul 2023 05:52:46 GMT
site
rti-master-api.hitrewards-qa.com/rest/deutschebahn/
672 B
1 KB
XHR
General
Full URL
https://rti-master-api.hitrewards-qa.com/rest/deutschebahn/site
Requested by
Host: d11m0dp9ta9w39.cloudfront.net
URL: https://d11m0dp9ta9w39.cloudfront.net/6.04c97ea87f321534acd8.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.9.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-9-47.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
af6b444c01eb6ccdf8cfe075be85bfc25f16d2700066c2e5f3ecfa39e494a2eb

Request headers

Accept
application/json, text/plain, */*
Referer
https://deutschebahn.hitrewards-qa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 14 Jul 2023 05:52:48 GMT
WWW-Authenticate
basic realm="myRealm"
Server
nginx/1.22.1
Vary
Accept-Encoding, Origin
Content-Language
de
Access-Control-Allow-Origin
https://deutschebahn.hitrewards-qa.com
Content-Type
text/html;charset=utf-8
Access-Control-Allow-Credentials
true
Connection
keep-alive
XSRF-TOKEN
1ba81a61-a698-45d3-9681-18c1510d01fa
X-RTI-RequestTraceId
0dbf0c6d-c9b1-496e-a151-902f6860d8a1
Content-Length
672
experiments
rti-master-api.hitrewards-qa.com/rest/deutschebahn/
672 B
1 KB
XHR
General
Full URL
https://rti-master-api.hitrewards-qa.com/rest/deutschebahn/experiments?max=100
Requested by
Host: d11m0dp9ta9w39.cloudfront.net
URL: https://d11m0dp9ta9w39.cloudfront.net/6.04c97ea87f321534acd8.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.9.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-9-47.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
af6b444c01eb6ccdf8cfe075be85bfc25f16d2700066c2e5f3ecfa39e494a2eb

Request headers

Accept
application/json, text/plain, */*
Referer
https://deutschebahn.hitrewards-qa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 14 Jul 2023 05:52:48 GMT
WWW-Authenticate
basic realm="myRealm"
Server
nginx/1.22.1
Vary
Accept-Encoding, Origin
Content-Language
de
Access-Control-Allow-Origin
https://deutschebahn.hitrewards-qa.com
Content-Type
text/html;charset=utf-8
Access-Control-Allow-Credentials
true
Connection
keep-alive
XSRF-TOKEN
75741429-b8be-436f-8cf3-f12fc7620d0c
X-RTI-RequestTraceId
d7d23cf1-bfd3-4285-abe7-fab710c6c1f1
Content-Length
672
i
com-rocketmiles-qa1.collector.snplow.net/
43 B
389 B
Image
General
Full URL
https://com-rocketmiles-qa1.collector.snplow.net/i?stm=1689313968036&e=pv&url=https%3A%2F%2Fdeutschebahn.hitrewards-qa.com%2F&page=Deutschebahn%20Hotels&tv=js-2.6.2&tna=snowplow&aid=deutschebahn-whitelabel-web-qa&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=3db7ea30-701e-45f6-994b-b72265c7a457&dtm=1689313968034&vp=1600x1200&ds=1600x1200&vid=1&sid=af759889-7973-4647-82bd-da52719788f0&duid=f742cd8a-aa35-4359-ab31-b8e6845cea77&fp=273912271&co=%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fcontexts%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fweb_page%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%22id%22%3A%2233b27346-254d-4492-a534-40410bebf0e9%22%7D%7D%2C%7B%22schema%22%3A%22iglu%3Aorg.w3%2FPerformanceTiming%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%22navigationStart%22%3A1689313965621%2C%22unloadEventStart%22%3A0%2C%22unloadEventEnd%22%3A0%2C%22redirectStart%22%3A0%2C%22redirectEnd%22%3A0%2C%22fetchStart%22%3A1689313965621%2C%22domainLookupStart%22%3A1689313965622%2C%22domainLookupEnd%22%3A1689313965696%2C%22connectStart%22%3A1689313965696%2C%22connectEnd%22%3A1689313965745%2C%22secureConnectionStart%22%3A1689313965716%2C%22requestStart%22%3A1689313965746%2C%22responseStart%22%3A1689313966273%2C%22responseEnd%22%3A1689313966274%2C%22domLoading%22%3A1689313966277%2C%22domInteractive%22%3A0%2C%22domContentLoadedEventStart%22%3A0%2C%22domContentLoadedEventEnd%22%3A0%2C%22domComplete%22%3A0%2C%22loadEventStart%22%3A0%2C%22loadEventEnd%22%3A0%7D%7D%5D%7D
Requested by
Host: deutschebahn.hitrewards-qa.com
URL: https://deutschebahn.hitrewards-qa.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.208.224.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-224-114.compute-1.amazonaws.com
Software
nginx /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deutschebahn.hitrewards-qa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 05:52:48 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
43
collect
www.google-analytics.com/j/
3 B
218 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1905006112&t=pageview&_s=1&dl=https%3A%2F%2Fdeutschebahn.hitrewards-qa.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Deutschebahn%20Hotels&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAACgDIAB~&jid=1589418249&gjid=1963395450&cid=174801753.1689313968&tid=UA-85540246-2&_gid=1809049844.1689313968&_r=1&_slc=1&z=755275360
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://deutschebahn.hitrewards-qa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Jul 2023 05:52:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://deutschebahn.hitrewards-qa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
deutschebahn.hitrewards-qa.com/cdn-cgi/
0
192 B
XHR
General
Full URL
https://deutschebahn.hitrewards-qa.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v2cb3a2ab87c5498db5ce7e6608cf55231689030342039
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9350 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://deutschebahn.hitrewards-qa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
application/json

Response headers

date
Fri, 14 Jul 2023 05:52:48 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://deutschebahn.hitrewards-qa.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7e67806ee8ef9be9-FRA
0.04c97ea87f321534acd8.bundle.js
d11m0dp9ta9w39.cloudfront.net/
57 KB
12 KB
Script
General
Full URL
https://d11m0dp9ta9w39.cloudfront.net/0.04c97ea87f321534acd8.bundle.js
Requested by
Host: d11m0dp9ta9w39.cloudfront.net
URL: https://d11m0dp9ta9w39.cloudfront.net/6.04c97ea87f321534acd8.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7a00:16:792e:2d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d07996a16d718c6dd2688853b6cbf0369b91b34fd573387f8e1bb349184675b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deutschebahn.hitrewards-qa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 05:52:49 GMT
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Wed, 13 Sep 2023 00:00:00 GMT", rule-id="staging"
last-modified
Fri, 14 Jul 2023 01:15:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
W/"1bfc765751ed77fc34a43098255594e3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
x-amz-cf-id
nR0l8KFgblgcy-KerldEkUL3rN9n7iW9wkc0Zw9Xp8u0vQWlnLE_9w==
2.04c97ea87f321534acd8.bundle.js
d11m0dp9ta9w39.cloudfront.net/
100 KB
23 KB
Script
General
Full URL
https://d11m0dp9ta9w39.cloudfront.net/2.04c97ea87f321534acd8.bundle.js
Requested by
Host: d11m0dp9ta9w39.cloudfront.net
URL: https://d11m0dp9ta9w39.cloudfront.net/6.04c97ea87f321534acd8.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7a00:16:792e:2d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea18350b1ddee6d8b596141afd3e9de1309938958eb989c2014085e6f9fb8188

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deutschebahn.hitrewards-qa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 05:52:49 GMT
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Wed, 13 Sep 2023 00:00:00 GMT", rule-id="staging"
last-modified
Fri, 14 Jul 2023 01:15:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
W/"4fe36d2cba8b55f3a4d4a20d0134904c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
x-amz-cf-id
iIf9Dpb9k22XFZRDUCzNq_HjgOGmS1ukjD0u_4yrBEtHnm9w5C95dw==
3.04c97ea87f321534acd8.css
d11m0dp9ta9w39.cloudfront.net/
5 KB
2 KB
Stylesheet
General
Full URL
https://d11m0dp9ta9w39.cloudfront.net/3.04c97ea87f321534acd8.css
Requested by
Host: d11m0dp9ta9w39.cloudfront.net
URL: https://d11m0dp9ta9w39.cloudfront.net/6.04c97ea87f321534acd8.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7a00:16:792e:2d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
447e4518d18316beb6897b7e892c5974ac4a55b2d7c1a6e29248e6a4026b80fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deutschebahn.hitrewards-qa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 05:52:49 GMT
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Wed, 13 Sep 2023 00:00:00 GMT", rule-id="staging"
last-modified
Fri, 14 Jul 2023 01:15:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
W/"570ef7bf53bd3f5644f06ffec6a94ddd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css; charset=utf-8
cache-control
max-age=2592000, public
x-amz-cf-id
ZAMPxDxmYmXvqwqCAoUZGamfrhWamXf-56Fm0ZfOS9G0zK8xomtpHQ==
3.04c97ea87f321534acd8.bundle.js
d11m0dp9ta9w39.cloudfront.net/
209 KB
46 KB
Script
General
Full URL
https://d11m0dp9ta9w39.cloudfront.net/3.04c97ea87f321534acd8.bundle.js
Requested by
Host: d11m0dp9ta9w39.cloudfront.net
URL: https://d11m0dp9ta9w39.cloudfront.net/6.04c97ea87f321534acd8.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7a00:16:792e:2d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f25a6c228e269eb26dfe0c8bcb0cd0c1df797960836f04d7079f1a3039a73c1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deutschebahn.hitrewards-qa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 05:52:49 GMT
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Wed, 13 Sep 2023 00:00:00 GMT", rule-id="staging"
last-modified
Fri, 14 Jul 2023 01:15:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
W/"f24979805430add48f761ba082ef1c07"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
x-amz-cf-id
0Y4cn3rW5b0ePxfz27U20fL27XNUQWys53jLj9Iwz53xrHToDkrWBw==
4.04c97ea87f321534acd8.bundle.js
d11m0dp9ta9w39.cloudfront.net/
55 KB
12 KB
Script
General
Full URL
https://d11m0dp9ta9w39.cloudfront.net/4.04c97ea87f321534acd8.bundle.js
Requested by
Host: d11m0dp9ta9w39.cloudfront.net
URL: https://d11m0dp9ta9w39.cloudfront.net/6.04c97ea87f321534acd8.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7a00:16:792e:2d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9886216fc45779f75deeff5e676c2fc1cf85efb19017c7667e6c0c5de6ff1d6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deutschebahn.hitrewards-qa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 05:52:49 GMT
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Wed, 13 Sep 2023 00:00:00 GMT", rule-id="staging"
last-modified
Fri, 14 Jul 2023 01:15:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
W/"33e2d741846e42c6f9d85f2188e3affb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
x-amz-cf-id
uRkz2MRbtz53wTPprTyfR7sCUwunFVVrs_g7gQcbEiGUVFIgCfG2FA==
9.04c97ea87f321534acd8.bundle.js
d11m0dp9ta9w39.cloudfront.net/
1015 KB
207 KB
Script
General
Full URL
https://d11m0dp9ta9w39.cloudfront.net/9.04c97ea87f321534acd8.bundle.js
Requested by
Host: d11m0dp9ta9w39.cloudfront.net
URL: https://d11m0dp9ta9w39.cloudfront.net/6.04c97ea87f321534acd8.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7a00:16:792e:2d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7576d040d47406d527cba4344e4e98ebf3636a7fb7e9c2f830244cc09f127db2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deutschebahn.hitrewards-qa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 05:52:49 GMT
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Wed, 13 Sep 2023 00:00:00 GMT", rule-id="staging"
last-modified
Fri, 14 Jul 2023 01:15:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
W/"331011de4977480d7af650cbd4d90056"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
x-amz-cf-id
K8XYnbuHWoDQ81zAw3Zh0yU07n2zU0KW_LpMAqi8eiCcwXCJfszceg==
11.04c97ea87f321534acd8.bundle.js
d11m0dp9ta9w39.cloudfront.net/
374 KB
88 KB
Script
General
Full URL
https://d11m0dp9ta9w39.cloudfront.net/11.04c97ea87f321534acd8.bundle.js
Requested by
Host: d11m0dp9ta9w39.cloudfront.net
URL: https://d11m0dp9ta9w39.cloudfront.net/6.04c97ea87f321534acd8.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7a00:16:792e:2d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30d56eb0846e8446538463bb34d56b3c8247cc644779c71cfa326d7e8ac8685e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deutschebahn.hitrewards-qa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 05:52:49 GMT
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Wed, 13 Sep 2023 00:00:00 GMT", rule-id="staging"
last-modified
Fri, 14 Jul 2023 01:15:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
W/"929a3f27824adf0c959277edd5cc463a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
x-amz-cf-id
SeRwkQafMT4k8i54FvzYnZIo5cN2nzZR7plQjXTNB-8Hd9fUanJQww==
12.04c97ea87f321534acd8.bundle.js
d11m0dp9ta9w39.cloudfront.net/
489 KB
57 KB
Script
General
Full URL
https://d11m0dp9ta9w39.cloudfront.net/12.04c97ea87f321534acd8.bundle.js
Requested by
Host: d11m0dp9ta9w39.cloudfront.net
URL: https://d11m0dp9ta9w39.cloudfront.net/6.04c97ea87f321534acd8.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:7a00:16:792e:2d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ace6b5cf2f83d5e4db7ca66535814eedc690b7a7df11556b35538b0ad79564f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deutschebahn.hitrewards-qa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 05:52:49 GMT
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Wed, 13 Sep 2023 00:00:00 GMT", rule-id="staging"
last-modified
Fri, 14 Jul 2023 01:15:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
W/"47f31a115ac986f165b98059d71563c3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
x-amz-cf-id
upJqFoc1IKeceJqiJR7O9XU4AfKMeoVCqYRt7XaRguPAjPaglFaOzQ==
languages
rti-master-api.hitrewards-qa.com/rest/deutschebahn/
672 B
1 KB
XHR
General
Full URL
https://rti-master-api.hitrewards-qa.com/rest/deutschebahn/languages?max=1000
Requested by
Host: d11m0dp9ta9w39.cloudfront.net
URL: https://d11m0dp9ta9w39.cloudfront.net/6.04c97ea87f321534acd8.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.9.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-9-47.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
af6b444c01eb6ccdf8cfe075be85bfc25f16d2700066c2e5f3ecfa39e494a2eb

Request headers

Accept
application/json, text/plain, */*
Referer
https://deutschebahn.hitrewards-qa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 14 Jul 2023 05:52:48 GMT
WWW-Authenticate
basic realm="myRealm"
Server
nginx/1.22.1
Vary
Accept-Encoding, Origin
Content-Language
de
Access-Control-Allow-Origin
https://deutschebahn.hitrewards-qa.com
Content-Type
text/html;charset=utf-8
Access-Control-Allow-Credentials
true
Connection
keep-alive
XSRF-TOKEN
75741429-b8be-436f-8cf3-f12fc7620d0c
X-RTI-RequestTraceId
25efcdc2-dd00-417b-85f8-68cbdf9059bb
Content-Length
672
defaultCountry
rti-master-api.hitrewards-qa.com/rest/deutschebahn/
672 B
1 KB
XHR
General
Full URL
https://rti-master-api.hitrewards-qa.com/rest/deutschebahn/defaultCountry
Requested by
Host: d11m0dp9ta9w39.cloudfront.net
URL: https://d11m0dp9ta9w39.cloudfront.net/6.04c97ea87f321534acd8.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.9.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-9-47.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
af6b444c01eb6ccdf8cfe075be85bfc25f16d2700066c2e5f3ecfa39e494a2eb

Request headers

Accept
application/json, text/plain, */*
Referer
https://deutschebahn.hitrewards-qa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 14 Jul 2023 05:52:48 GMT
WWW-Authenticate
basic realm="myRealm"
Server
nginx/1.22.1
Vary
Accept-Encoding, Origin
Content-Language
de
Access-Control-Allow-Origin
https://deutschebahn.hitrewards-qa.com
Content-Type
text/html;charset=utf-8
Access-Control-Allow-Credentials
true
Connection
keep-alive
XSRF-TOKEN
75741429-b8be-436f-8cf3-f12fc7620d0c
X-RTI-RequestTraceId
d18b9fa6-6276-4495-bf57-1dbe6039ee6e
Content-Length
672
currencies
rti-master-api.hitrewards-qa.com/rest/deutschebahn/
672 B
1 KB
XHR
General
Full URL
https://rti-master-api.hitrewards-qa.com/rest/deutschebahn/currencies?max=100
Requested by
Host: d11m0dp9ta9w39.cloudfront.net
URL: https://d11m0dp9ta9w39.cloudfront.net/6.04c97ea87f321534acd8.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.9.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-9-47.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
af6b444c01eb6ccdf8cfe075be85bfc25f16d2700066c2e5f3ecfa39e494a2eb

Request headers

Accept
application/json, text/plain, */*
Referer
https://deutschebahn.hitrewards-qa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 14 Jul 2023 05:52:48 GMT
WWW-Authenticate
basic realm="myRealm"
Server
nginx/1.22.1
Vary
Accept-Encoding, Origin
Content-Language
de
Access-Control-Allow-Origin
https://deutschebahn.hitrewards-qa.com
Content-Type
text/html;charset=utf-8
Access-Control-Allow-Credentials
true
Connection
keep-alive
XSRF-TOKEN
75741429-b8be-436f-8cf3-f12fc7620d0c
X-RTI-RequestTraceId
79ad7227-22ab-40ce-b944-f482a1dc4dae
Content-Length
672
session
rti-master-api.hitrewards-qa.com/rest/deutschebahn/
672 B
1 KB
XHR
General
Full URL
https://rti-master-api.hitrewards-qa.com/rest/deutschebahn/session
Requested by
Host: d11m0dp9ta9w39.cloudfront.net
URL: https://d11m0dp9ta9w39.cloudfront.net/6.04c97ea87f321534acd8.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.9.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-9-47.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
af6b444c01eb6ccdf8cfe075be85bfc25f16d2700066c2e5f3ecfa39e494a2eb

Request headers

Accept
application/json, text/plain, */*
Referer
https://deutschebahn.hitrewards-qa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 14 Jul 2023 05:52:48 GMT
WWW-Authenticate
basic realm="myRealm"
Server
nginx/1.22.1
Vary
Accept-Encoding, Origin
Content-Language
de
Access-Control-Allow-Origin
https://deutschebahn.hitrewards-qa.com
Content-Type
text/html;charset=utf-8
Access-Control-Allow-Credentials
true
Connection
keep-alive
XSRF-TOKEN
75741429-b8be-436f-8cf3-f12fc7620d0c
X-RTI-RequestTraceId
a15a712a-543b-4873-9226-10004e1d8823
Content-Length
672
rewardPrograms
rti-master-api.hitrewards-qa.com/rest/deutschebahn/
672 B
1 KB
XHR
General
Full URL
https://rti-master-api.hitrewards-qa.com/rest/deutschebahn/rewardPrograms
Requested by
Host: d11m0dp9ta9w39.cloudfront.net
URL: https://d11m0dp9ta9w39.cloudfront.net/6.04c97ea87f321534acd8.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.9.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-9-47.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
af6b444c01eb6ccdf8cfe075be85bfc25f16d2700066c2e5f3ecfa39e494a2eb

Request headers

Accept
application/json, text/plain, */*
Referer
https://deutschebahn.hitrewards-qa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 14 Jul 2023 05:52:49 GMT
WWW-Authenticate
basic realm="myRealm"
Server
nginx/1.22.1
Vary
Accept-Encoding, Origin
Content-Language
de
Access-Control-Allow-Origin
https://deutschebahn.hitrewards-qa.com
Content-Type
text/html;charset=utf-8
Access-Control-Allow-Credentials
true
Connection
keep-alive
XSRF-TOKEN
75741429-b8be-436f-8cf3-f12fc7620d0c
X-RTI-RequestTraceId
8726de76-3175-4919-a281-b37c31770fe8
Content-Length
672
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/
37 KB
38 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://deutschebahn.hitrewards-qa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 08:10:17 GMT
x-content-type-options
nosniff
age
164551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jul 2024 08:10:17 GMT
bahn.png
d4466r3vlr9ym.cloudfront.net/uploads/logos/
78 KB
78 KB
Image
General
Full URL
https://d4466r3vlr9ym.cloudfront.net/uploads/logos/bahn.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:fc00:10:cdb:b80:21 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b6104de21eb5485824fc2e8d0f40b9c1179ad2ced8d87c2c8b7143da78d315f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deutschebahn.hitrewards-qa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 05:52:50 GMT
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
last-modified
Wed, 29 Jul 2020 17:10:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"2ee2fb48fe0a7f26a2058e46a3661fd2"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
79578
x-amz-cf-id
D3gzN1Md-Ut_ZGrIKKhgvi9pX17NRZznrRyvpriZF2fw0AMKp2fLqw==
rocket-logo.svg
d4466r3vlr9ym.cloudfront.net/uploads/logos/
13 KB
6 KB
Image
General
Full URL
https://d4466r3vlr9ym.cloudfront.net/uploads/logos/rocket-logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:fc00:10:cdb:b80:21 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26d03a64508f3d8f74d4c03b37e05ad523d810ba7834e2fc7b36b8a8dc5a5f07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deutschebahn.hitrewards-qa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 05:52:50 GMT
content-encoding
gzip
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
last-modified
Mon, 22 Nov 2021 16:16:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
etag
W/"d5efa9649470042290ca194c741e82a0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
C03drttKaAmKk0e-RtEkvI6gF9krCpl7dbDZNoKpiFhnhXNocQO6bA==
i
com-rocketmiles-qa1.collector.snplow.net/
43 B
389 B
Image
General
Full URL
https://com-rocketmiles-qa1.collector.snplow.net/i?stm=1689313968703&e=se&se_ca=rm.dp&se_ac=roomTypeLoadStart&tv=js-2.6.2&tna=snowplow&aid=deutschebahn-whitelabel-web-qa&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=72c09c12-d2c4-4174-862c-3e9ece69284d&dtm=1689313968702&vp=1600x1200&ds=1600x1344&vid=1&sid=af759889-7973-4647-82bd-da52719788f0&duid=f742cd8a-aa35-4359-ab31-b8e6845cea77&fp=273912271&url=https%3A%2F%2Fdeutschebahn.hitrewards-qa.com%2F&co=%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fcontexts%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fweb_page%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%22id%22%3A%2233b27346-254d-4492-a534-40410bebf0e9%22%7D%7D%2C%7B%22schema%22%3A%22iglu%3Acom.rocketmiles%2Ftravel_context%2Fjsonschema%2F1-0-5%22%2C%22data%22%3A%7B%22product_name%22%3A%22testarossa%22%2C%22search_type%22%3Anull%2C%22site_slug%22%3A%22deutschebahn%22%2C%22user_access_group_slug%22%3A%22%22%2C%22vertical%22%3A%22hotels%22%2C%22webpage%22%3A%22landing%22%7D%7D%2C%7B%22schema%22%3A%22iglu%3Acom.rocketmiles%2Fsearch_funnel_context%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%22searchRequestId%22%3A%22dummyId%22%7D%7D%2C%7B%22schema%22%3A%22iglu%3Acom.rocketmiles%2Fsession_context%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%7D%7D%2C%7B%22schema%22%3A%22iglu%3Aorg.w3%2FPerformanceTiming%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%22navigationStart%22%3A1689313965621%2C%22unloadEventStart%22%3A0%2C%22unloadEventEnd%22%3A0%2C%22redirectStart%22%3A0%2C%22redirectEnd%22%3A0%2C%22fetchStart%22%3A1689313965621%2C%22domainLookupStart%22%3A1689313965622%2C%22domainLookupEnd%22%3A1689313965696%2C%22connectStart%22%3A1689313965696%2C%22connectEnd%22%3A1689313965745%2C%22secureConnectionStart%22%3A1689313965716%2C%22requestStart%22%3A1689313965746%2C%22responseStart%22%3A1689313966273%2C%22responseEnd%22%3A1689313966274%2C%22domLoading%22%3A1689313966277%2C%22domInteractive%22%3A1689313968049%2C%22domContentLoadedEventStart%22%3A1689313968051%2C%22domContentLoadedEventEnd%22%3A1689313968051%2C%22domComplete%22%3A1689313968456%2C%22loadEventStart%22%3A1689313968456%2C%22loadEventEnd%22%3A1689313968456%7D%7D%5D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.208.224.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-224-114.compute-1.amazonaws.com
Software
nginx /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deutschebahn.hitrewards-qa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 05:52:48 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
43
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1905006112&t=event&ni=0&_s=2&dl=https%3A%2F%2Fdeutschebahn.hitrewards-qa.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Deutschebahn%20Hotels&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=rm.dp&ea=roomTypeLoadStart&_u=aEBAAEABEAAAACgDIAD~&jid=&gjid=&cid=174801753.1689313968&tid=UA-85540246-2&_gid=1809049844.1689313968&z=177314880
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deutschebahn.hitrewards-qa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jul 2023 02:27:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
12337
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
testarossa-landing-pages
cdn.builder.io/api/v1/query/567069ce82434ad0b05fdd2a54c26cb6/
18 KB
4 KB
Fetch
General
Full URL
https://cdn.builder.io/api/v1/query/567069ce82434ad0b05fdd2a54c26cb6/testarossa-landing-pages?omit=meta.componentsUsed&apiKey=567069ce82434ad0b05fdd2a54c26cb6&userAttributes.urlPath=%2F&userAttributes.host=deutschebahn.hitrewards-qa.com&userAttributes.device=desktop&userAttributes.slug=deutschebahn&userAttributes.locale=en&userAttributes.mode=undefined&userAttributes.rewardProgram=undefined&userAttributes.loggedIn=false&options.testarossa-landing-pages.model=%22testarossa-landing-pages%22
Requested by
Host: d11m0dp9ta9w39.cloudfront.net
URL: https://d11m0dp9ta9w39.cloudfront.net/6.04c97ea87f321534acd8.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4000:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
139bde21e78e07697e7da1083715e25e59567eee316953c71e43c96b3a960a27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deutschebahn.hitrewards-qa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 05:52:50 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
0
x-powered-by
Express
x-cache
Miss from cloudfront
content-length
3444
x-request-id
aa666a40-220a-11ee-b7cd-71fb2b84a802
x-served-by
cache-chi-kigq8000026-CHI, cache-fra-eddf8230139-FRA
server
Google Frontend
x-timer
S1689313970.828481,VS0,VE515
etag
W/"47c6-ju5QMoZ/GJyJFyz9d3nIn3QMHWY"
vary
Authorization,Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
0b5e2c11a6d4818cb5f1d5d0b7d68606
cache-control
public, max-age=60, s-maxage=60, stale-if-error=2678400,
function-execution-id
g1brhuloae8o
accept-ranges
bytes
access-control-allow-headers
content-type, accept, authorization
x-amz-cf-id
yEJC2Qf_EGWKUnghdeOGEAxq5fiMxYCRaiyC9R1ePOmYyt2BbJCywA==
x-cache-hits
0, 0
track
cdn.builder.io/api/v1/
0
0
Preflight
General
Full URL
https://cdn.builder.io/api/v1/track
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4000:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://deutschebahn.hitrewards-qa.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
age
7271174
cache-control
max-age=100000000
content-length
19
content-type
application/json
date
Fri, 21 Apr 2023 02:06:36 GMT
server
CloudFront
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-id
4g9r1el4CB2AcwUIQvaNPJiCtsG_Zeviw8K89EJp3pf7pSIdcpGJhg==
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
assets%2Fc88c53f84dd34b46b69dbee35a895cba%2F0706511a9faf4f6bbebaf7a69e74b88b
cdn.builder.io/api/v1/image/
204 KB
205 KB
Image
General
Full URL
https://cdn.builder.io/api/v1/image/assets%2Fc88c53f84dd34b46b69dbee35a895cba%2F0706511a9faf4f6bbebaf7a69e74b88b?width=2000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4000:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
77c7abe624fee269e7ff5d8eb9b39c7bc2a2d4f70d370fec09314f4232dd8aa0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deutschebahn.hitrewards-qa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 05:52:50 GMT
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-powered-by
Express
surrogate-control
public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache
Hit from cloudfront
content-length
208715
x-request-id
aad64310-220a-11ee-be3f-2f2f30a13581
server
Google Frontend
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-cloud-trace-context
4fdca4b45c3ca38a479d60f895b24bd8;o=1
cache-control
public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id
7799a9kwwi0m
x-robots-tag
noindex
x-amz-cf-id
Hgkq6oVuy4Us9LQbjzGaaqgD8HUjytfxjh5XIb9auqJGb9Z3nRjyMQ==
w8gUH2YoQe8_4vq6.ttf
fonts.gstatic.com/s/inder/v6/
33 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inder/v6/w8gUH2YoQe8_4vq6.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e9922756c6879c6aed60b1f880fcd3067c44c8f3328830909d1091b11168fc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://deutschebahn.hitrewards-qa.com/
Origin
https://deutschebahn.hitrewards-qa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 05:52:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20363
x-xss-protection
0
last-modified
Tue, 10 Oct 2017 21:45:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jul 2024 05:52:50 GMT
track
cdn.builder.io/api/v1/
19 B
408 B
Fetch
General
Full URL
https://cdn.builder.io/api/v1/track
Requested by
Host: d11m0dp9ta9w39.cloudfront.net
URL: https://d11m0dp9ta9w39.cloudfront.net/6.04c97ea87f321534acd8.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4000:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
9dbcb789cce44f6a1ebf8b0c8b1f453538fa057a271a75c5dd3dff663b8b4cc8

Request headers

Referer
https://deutschebahn.hitrewards-qa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
application/json

Response headers

date
Mon, 10 Jul 2023 01:04:25 GMT
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA53-C1
age
362905
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
x-api-call-time
13
cache-control
max-age=100000000
x-cache
Miss from cloudfront
access-control-allow-headers
content-type
content-length
19
x-amz-cf-id
-q0Q6y15Y3ARdta2agJ317GuHJa1K9NGE1swfWbUZB8mN68W_jXnTw==
pixel
cdn.builder.io/api/v1/
35 B
981 B
Image
General
Full URL
https://cdn.builder.io/api/v1/pixel?apiKey=567069ce82434ad0b05fdd2a54c26cb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4000:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deutschebahn.hitrewards-qa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
date
Fri, 14 Jul 2023 05:52:50 GMT
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
access-control-allow-private-network
true
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
content-length
35
x-served-by
cache-fra-etou8220100-FRA
server
Google Frontend
x-timer
S1689313971.566427,VS0,VE137
etag
W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
vary
cookie,accept-encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, PATCH
content-type
image/gif
access-control-allow-origin
*
x-cloud-trace-context
fb4f0454aa21285b9b0b690415645834
cache-control
public, max-age=15, s-maxage=600, stale-if-error=259200
function-execution-id
98i2p1vzkmce
origin-trial
AofGPSvOEBwNTsONiWgsQDentPPwgWkTFpAxoQocYSzbXKnh43+evaYOWRmzNSbrxEQMwgHMKnVqHU0N9uOMMwsAAAB0eyJvcmlnaW4iOiJodHRwczovL2J1aWxkZXIuaW86NDQzIiwiZmVhdHVyZSI6IlVucmVzdHJpY3RlZFNoYXJlZEFycmF5QnVmZmVyIiwiZXhwaXJ5IjoxNzA5ODU1OTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
accept-ranges
bytes
x-robots-tag
noindex
access-control-allow-headers
content-type, accept, authorization
x-amz-cf-id
VOy2nkhKvErfhvUFcETzCzPNYOHEFBbPcqck97wxxVlz9y7uHdxBJw==
x-country-code
DE
x-cache-hits
0
testarossa-landing-pages
cdn.builder.io/api/v1/query/567069ce82434ad0b05fdd2a54c26cb6/
18 KB
4 KB
Fetch
General
Full URL
https://cdn.builder.io/api/v1/query/567069ce82434ad0b05fdd2a54c26cb6/testarossa-landing-pages?omit=meta.componentsUsed&apiKey=567069ce82434ad0b05fdd2a54c26cb6&userAttributes.urlPath=%2F&userAttributes.host=deutschebahn.hitrewards-qa.com&userAttributes.device=desktop&userAttributes.slug=deutschebahn&userAttributes.locale=en&userAttributes.mode=undefined&userAttributes.rewardProgram=undefined&userAttributes.loggedIn=false&options.testarossa-landing-pages.model=%22testarossa-landing-pages%22
Requested by
Host: d11m0dp9ta9w39.cloudfront.net
URL: https://d11m0dp9ta9w39.cloudfront.net/6.04c97ea87f321534acd8.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4000:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
139bde21e78e07697e7da1083715e25e59567eee316953c71e43c96b3a960a27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deutschebahn.hitrewards-qa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 05:52:50 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
3444
x-request-id
aa666a40-220a-11ee-b7cd-71fb2b84a802
x-served-by
cache-chi-kigq8000026-CHI, cache-fra-eddf8230139-FRA
server
Google Frontend
x-timer
S1689313970.828481,VS0,VE515
etag
W/"47c6-ju5QMoZ/GJyJFyz9d3nIn3QMHWY"
vary
Authorization,Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
0b5e2c11a6d4818cb5f1d5d0b7d68606
cache-control
public, max-age=60, s-maxage=60, stale-if-error=2678400,
function-execution-id
g1brhuloae8o
accept-ranges
bytes
access-control-allow-headers
content-type, accept, authorization
x-amz-cf-id
_nfxhoktT5QLdETedz9AS1hIgbDrPmQW2aBLR6MGH7UgLYHqesgyAg==
x-cache-hits
0, 0
assets%2Fc88c53f84dd34b46b69dbee35a895cba%2Fdb2e901579334d5bbe713226308c6fa4
cdn.builder.io/api/v1/image/
15 KB
16 KB
Image
General
Full URL
https://cdn.builder.io/api/v1/image/assets%2Fc88c53f84dd34b46b69dbee35a895cba%2Fdb2e901579334d5bbe713226308c6fa4?format=webp&width=1600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4000:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
03db20af095f4e682b766012cae5fa2ff5336f9efaf7160510fab8952f957f65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deutschebahn.hitrewards-qa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 05:52:50 GMT
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-powered-by
Express
surrogate-control
public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache
Hit from cloudfront
content-length
15850
x-request-id
aadad6f0-220a-11ee-a72c-2b3cca08be7a
server
Google Frontend
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-cloud-trace-context
2a44f68eae62b60fa1c6022070a4df03;o=1
cache-control
public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id
6d8d40gt1ihb
x-robots-tag
noindex
x-amz-cf-id
_5m3JtAzw-m9ccvZISV2un4j44UzltSWOPks-kLQns_ImsqfhxoboA==
assets%2Fc88c53f84dd34b46b69dbee35a895cba%2F2d86922cde5c459e8f3f8ec49e7e2155
cdn.builder.io/api/v1/image/
13 KB
13 KB
Image
General
Full URL
https://cdn.builder.io/api/v1/image/assets%2Fc88c53f84dd34b46b69dbee35a895cba%2F2d86922cde5c459e8f3f8ec49e7e2155?format=webp&width=1600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4000:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
31aae425b709c27b212fd75a1064d3ada6a3eeba248e68a0d56c7a1f15242c4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deutschebahn.hitrewards-qa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 05:52:50 GMT
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-powered-by
Express
surrogate-control
public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache
Hit from cloudfront
content-length
12936
x-request-id
aad7c9b0-220a-11ee-8270-5526614cb8cd
server
Google Frontend
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-cloud-trace-context
d987b62cc9d47455a063500509e7fae5
cache-control
public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id
0m7s0n8ed1b3
x-robots-tag
noindex
x-amz-cf-id
XrrV9hAh23PuoPNL2kBmo_Exhwv0uiHTqAOScGdITDRa6EKqcAv1xw==
assets%2Fc88c53f84dd34b46b69dbee35a895cba%2F83999286dd964d0f95a27d490fb0d7d5
cdn.builder.io/api/v1/image/
19 KB
20 KB
Image
General
Full URL
https://cdn.builder.io/api/v1/image/assets%2Fc88c53f84dd34b46b69dbee35a895cba%2F83999286dd964d0f95a27d490fb0d7d5?format=webp&width=1600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4000:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
4fd943c0842ca01358039fc98cc75271139f88c70f1a884a88bdfe62b6056690

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deutschebahn.hitrewards-qa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 05:52:50 GMT
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-powered-by
Express
surrogate-control
public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
x-cache
Hit from cloudfront
content-length
19788
x-request-id
aad83ee0-220a-11ee-a1cb-1b2962744b88
server
Google Frontend
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-cloud-trace-context
87fe5ede9447fed2484c22b4afa383be;o=1
cache-control
public, max-age=2592000000, s-maxage=2592000000, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id
4hq3x8m0y3eh
x-robots-tag
noindex
x-amz-cf-id
mpKnjVGWQNiAD1J96XBY13_G7dmHcPAK2Rdw7463FWwJ7O8cxmuweg==

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend string| WL_API_SERVER string| WL_ENVIRONMENT object| WL_RESOURCE_URL_WHITELIST string| WL_SLUG string| WL_BASE_HREF undefined| API_AUTH_HEADER string| GIT_COMMIT string| WL_BUILDER_API_KEY string| WL_PARTNER_SLUG string| WL_API_REWARD_PROGRAM_SLUG string| WL_PORTAL_SLUG object| WL_SITE_MODES string| WL_DEFAULT_SITE_MODE string| WL_LOGO_URL string| WL_HEADER_LOGO_URL string| WL_WEB_APP_NG_MODULE object| WL_SEARCH_PAGE_SHOW_FULL_EARN_LABEL boolean| WL_REQUIRE_REDEMPTION_ACCESS_TOKEN boolean| WL_CONFIRM_PAGE_HAS_PHONE_NUMBER_FORM boolean| WL_USER_RSVN_PAGE_SHOW_DETAILS_MODAL_ON_LOAD boolean| WL_USER_RSVN_PAGE_SHOW_SUPPORT_CONTACT boolean| WL_USER_RSVN_PAGE_ALLOW_ASSIGN_REWARD_ACCOUNT string| WL_MILES_POSTED_WEEKS_DURATION object| WL_MILES_POSTED_HOURS_DURATION object| WL_SUPPORTED_LANGUAGES string| WL_FALLBACK_LANGUAGE boolean| WL_USE_USER_DEFAULT_LANGUAGE string| WL_FALLBACK_CURRENCY boolean| WL_USE_USER_DEFAULT_CURRENCY boolean| WL_SNOWPLOW_ENABLED string| WL_SNOWPLOW_APP_ID object| WL_FACEBOOK_TRACKING_PIXEL_ID string| WL_LANGUAGE_COOKIE string| WL_CURRENCY_COOKIE string| WL_ACCOUNT_NUMBER_VALIDATION_MSG boolean| WL_LOGIN_DISABLED object| WL_USERGROUP_NAME object| WL_USE_FIRST_PARTY_LOGIN string| WL_PROGRAM_LABEL object| WL_DISPLAY_CROSS_SELL_BANNER_HEADER object| WL_DISPLAY_ROCKET_TRAVEL_BRANDED_TERMS_PAGE_HEADLINE object| WL_DISPLAY_ROCKET_TRAVEL_BRANDED_PRIVACY_PAGE_HEADLINE object| WL_DISPLAY_ROCKET_BRANDED_CONTACT_US_PAGE object| WL_MFA_ENABLED object| WL_MFA_SEND_METHODS object| WL_MFA_MAX_ATTEMPTS object| WL_HAS_MULTIPLE_REWARD_PROGRAMS object| WL_DEFAULT_REWARD_PROGRAM object| WL_DISPLAY_STRIKETHROUGH_PRICING object| WL_GATING_PREAUTH object| WL_GATING_SMS_LOGO object| WL_USE_BURN_SLIDER object| WL_ENABLE_GUEST_DETAILS_PREFILL object| WL_USE_CUSTOM_PRIMARY_COLOR string| WL_PRICING_ROUND_METHOD boolean| WL_PAYMENT_SHOW_OVERLAY object| WL_PAYMENT_OVERLAY_MSG_INTERVAL boolean| 
WL_PAYMENT_SHOW_CREDIT_CARD_IMAGES boolean| WL_TEALIUM_ENABLED object| WL_GA_TRACKING_ID object| WL_GA4_MEASUREMENT_ID object| WL_DISPLAY_AVAILABLE_CREDIT_CARDS string| WL_API_SERVER_REST_ENDPOINT object| WL_CDK_THEME object| GlobalSnowplowNamespace function| snowplow function| ga object| testarossaDataLayer object| google_tag_data object| gaplugins object| google_tag_manager function| postscribe object| google_tag_manager_external object| Snowplow object| trWebpackJsonp function| setImmediate function| clearImmediate object| __core-js_shared__ function| applyFocusVisiblePolyfill object| __global__ object| regeneratorRuntime function| _ object| gaGlobal object| gaData object| __cfBeacon object| __consolidated_events_handlers__

9 Cookies

Domain/Path Name / Value
.deutschebahn.hitrewards-qa.com/ Name: __cf_bm
Value: Aoqstv4H_MA4hdLu7eERM6iEAWmiZ8lYZni9.W2VS4o-1689313966-0-AZ9Qi2DiUPKuL/GJawKYUSi3lMJeCztPrMNMpqUO5VRWTKBbrSOwmo3YDm9VPEpOm19VUyVbB++VU836TLx0oas=
.hitrewards-qa.com/ Name: builderSessionId
Value: 88f47903e40c4228a6fe5f8d35cb595e
deutschebahn.hitrewards-qa.com/ Name: _sp_ses.b4d1
Value: *
.hitrewards-qa.com/ Name: _ga
Value: GA1.2.174801753.1689313968
.hitrewards-qa.com/ Name: _gid
Value: GA1.2.1809049844.1689313968
.hitrewards-qa.com/ Name: _gat
Value: 1
rti-master-api.hitrewards-qa.com/ Name: XSRF-TOKEN
Value: 75741429-b8be-436f-8cf3-f12fc7620d0c
rti-master-api.hitrewards-qa.com/ Name: JSESSIONID
Value: 7723e1f3-964f-4535-bfc2-701bedd82ce8
deutschebahn.hitrewards-qa.com/ Name: _sp_id.b4d1
Value: f742cd8a-aa35-4359-ab31-b8e6845cea77.1689313968.1.1689313969.1689313968.af759889-7973-4647-82bd-da52719788f0

7 Console Messages

Source Level URL
Text
network error URL: https://rti-master-api.hitrewards-qa.com/rest/deutschebahn/site
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://rti-master-api.hitrewards-qa.com/rest/deutschebahn/experiments?max=100
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://rti-master-api.hitrewards-qa.com/rest/deutschebahn/defaultCountry
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://rti-master-api.hitrewards-qa.com/rest/deutschebahn/languages?max=1000
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://rti-master-api.hitrewards-qa.com/rest/deutschebahn/currencies?max=100
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://rti-master-api.hitrewards-qa.com/rest/deutschebahn/session
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://rti-master-api.hitrewards-qa.com/rest/deutschebahn/rewardPrograms
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
