Submitted URL: https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU#stay
Effective URL: https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
Submission: On December 21 via manual from DE

Summary

This website contacted 16 IPs in 6 countries across 7 domains to perform 57 HTTP transactions. The main IP is 81.200.196.90, located in Germany and belongs to BAHN-AS, DE. The main domain is fahrkarten.bahn.de.
TLS certificate: Issued by DigiCert EV RSA CA G2 on July 9th 2020. Valid for: 10 months.
This is the only time fahrkarten.bahn.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 81.200.196.90 25325 (BAHN-AS)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
18 104.111.235.169 16625 (AKAMAI-AS)
1 52.205.197.116 14618 (AMAZON-AES)
1 104.111.234.197 16625 (AKAMAI-AS)
1 184.24.4.155 16625 (AKAMAI-AS)
2 15.237.76.117 16509 (AMAZON-02)
6 52.45.159.209 14618 (AMAZON-AES)
8 104.111.219.12 16625 (AKAMAI-AS)
1 2 37.157.3.28 198622 (ADFORM)
2 37.157.5.72 198622 (ADFORM)
5 104.17.208.240 13335 (CLOUDFLAR...)
2 2600:9000:21c... 16509 (AMAZON-02)
1 2 37.157.4.24 198622 (ADFORM)
2 213.202.235.10 24961 (MYLOC-AS ...)
2 52.204.60.211 14618 (AMAZON-AES)
57 16
Domain Requested by
18 www.img-bahn.de fahrkarten.bahn.de
www.img-bahn.de
8 www.bahn.de fahrkarten.bahn.de
www.bahn.de
6 errors.client.optimizely.com cdn.optimizely.com
5 fahrkarten.bahn.de 1 redirects fahrkarten.bahn.de
4 siteintercept.qualtrics.com zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com
2 logx.optimizely.com cdn.optimizely.com
2 m.exactag.com www.bahn.de
m.exactag.com
2 a1.adform.net 1 redirects a1.adform.net
2 cdn.m-pathy.com www.bahn.de
cdn.m-pathy.com
2 s2.adform.net
2 dmp.adform.net 1 redirects dmp.adform.net
2 st.bahn.de www.img-bahn.de
1 zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com www.bahn.de
1 a791773171.cdn.optimizely.com cdn.optimizely.com
1 cdn3.optimizely.com cdn.optimizely.com
1 vis.optimizely.com cdn.optimizely.com
1 cdn.optimizely.com fahrkarten.bahn.de
57 17

This site contains links to these domains. Also see Links.

Domain
www.bahn.de
dig-aboprod.noncd.db.de
www.deutschebahn.com
Subject Issuer Validity Valid
fahrkarten.bahn.de
DigiCert EV RSA CA G2
2020-07-09 -
2021-04-28
10 months crt.sh
cdn.optimizely.com
DigiCert SHA2 Secure Server CA
2020-01-20 -
2021-03-20
a year crt.sh
www.img-bahn.de
DigiCert SHA2 Secure Server CA
2020-02-19 -
2021-04-14
a year crt.sh
vis.optimizely.com
Amazon
2020-05-26 -
2021-06-26
a year crt.sh
*.optimizely.com
DigiCert SHA2 Secure Server CA
2020-01-20 -
2021-03-20
a year crt.sh
*.cdn.optimizely.com
GeoTrust RSA CA 2018
2020-03-05 -
2021-06-04
a year crt.sh
st.bahn.de
DigiCert SHA2 High Assurance Server CA
2020-03-02 -
2021-06-09
a year crt.sh
errors.client.optimizely.com
Amazon
2020-09-02 -
2021-10-02
a year crt.sh
www.bahn.de
DigiCert SHA2 Extended Validation Server CA
2020-01-10 -
2021-04-07
a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA
2019-09-16 -
2021-09-20
2 years crt.sh
*.qualtrics.com
DigiCert SHA2 Secure Server CA
2020-10-26 -
2021-11-26
a year crt.sh
*.m-pathy.com
Amazon
2020-01-28 -
2021-02-28
a year crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA
2019-08-28 -
2021-09-13
2 years crt.sh
logx.optimizely.com
Amazon
2020-09-21 -
2021-10-21
a year crt.sh

This page contains 4 frames:

Primary Page: https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
Frame ID: 33735469E32D622337319F70E67980DC
Requests: 51 HTTP requests in this frame

Frame: https://a791773171.cdn.optimizely.com/client_storage/a791773171.html
Frame ID: 72A7AB1890B35F0E1A26A55EB6E3E0C2
Requests: 1 HTTP requests in this frame

Frame: https://m.exactag.com/pi.aspx?campaign=4bb3a5de3602f335b9ba113928205e62&pitype=Content&convtype=&rnd=SJqJcHI5mIUC&items=%7B%22type%22%3A%22Content%22%2C%22conversiontype%22%3A%22%22%2C%22referrer%22%3A%22%22%2C%22host%22%3A%22fahrkarten.bahn.de%22%2C%22site%22%3A%22%2Fprivatkunde%2Fregistrieren%2Freg.post%22%2C%22search%22%3A%22%3Flang%3Dde%26country%3DDEU%26redirected%3D1%22%2C%22protocol%22%3A%22https%3A%22%2C%22campaign%22%3A%224bb3a5de3602f335b9ba113928205e62%22%2C%22screensize%22%3A%22%22%2C%22pitype%22%3A%22%22%2C%22uk%22%3A%22%22%2C%22trackingURL%22%3A%22%2F%2Fm.exactag.com%22%2C%22cdnURL%22%3A%22%2F%2Fcdn.exactag.com%22%2C%22sitegroup%22%3A%22Rest%22%2C%22category_name%22%3A%22BAHN_ESU_DEU_de_BAHN%22%2C%22page_name%22%3A%22BAHN_ESU_DEU_de_BAHN_StandardError_CSRFTokenFehltImRequest%22%2C%22engine%22%3A%22Web%22%7D
Frame ID: EF95F3639001149A7B20015A1349A390
Requests: 1 HTTP requests in this frame

Frame: https://m.exactag.com/px.aspx?id=ad859a5d5d1a406abd11db8681dbf639
Frame ID: 821D32D3890DFAE1ADC4E359203C1787
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU HTTP 302
    https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1 Page URL

Page Statistics

57
Requests

100 %
HTTPS

13 %
IPv6

7
Domains

17
Subdomains

16
IPs

6
Countries

1104 kB
Transfer

3063 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU HTTP 302
    https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://dmp.adform.net/audiencetag/adformat.js HTTP 301
  • https://s2.adform.net/banners/scripts/audiencetag/adformat.js
Request Chain 44
  • https://a1.adform.net/serving/scripts/trackpoint/async/ HTTP 301
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js

57 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set reg.post
fahrkarten.bahn.de/privatkunde/registrieren/
Redirect Chain
  • https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU
  • https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
20 KB
21 KB
Document
General
Full URL
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.200.196.90 , Germany, ASN25325 (BAHN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
44b926e929a9974f3123c034257ae329c20de1c34af672f5090dacff65111aa6
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
fahrkarten.bahn.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
AWSALB=oVU+l5qS9cXKVngqfyjY4nmNUj8aipGUItTfYfU/uuyKxHQcVnQTP2n9MXyQflkwk7+2FxOGWPARCnOeJxrm0hxXgLZca0qGsxNDJWRjxr74g2fl36g0fWnnUXsd; AWSALBCORS=oVU+l5qS9cXKVngqfyjY4nmNUj8aipGUItTfYfU/uuyKxHQcVnQTP2n9MXyQflkwk7+2FxOGWPARCnOeJxrm0hxXgLZca0qGsxNDJWRjxr74g2fl36g0fWnnUXsd; DB4-pb-asid=AReEoYRsGjieGAzCBfpeY5CJ6zkI-I8HV8c63ewZSPycnk6Ykv6f!1567460046; DB4-pb-gsid=ba178496-4064-4f36-891b-d7f2bc4d78ac; DB4-pb-shopId=.1c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Dec 2020 09:29:06 GMT
Content-Type
text/html; charset=iso-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
AWSALB=pp271HCVj2E4SpwTd+nJPumzpVX7rl9OXSHX5uXYhhHeTo1Tg15sNHCYX9Rsxfwc8kKFUhsbWjhxKG5GulSrHodaljoR5KUNDkh/LtiqKBGuBP+/HJc5xdqdWcL9; Expires=Mon, 28 Dec 2020 09:29:06 GMT; Path=/ AWSALBCORS=pp271HCVj2E4SpwTd+nJPumzpVX7rl9OXSHX5uXYhhHeTo1Tg15sNHCYX9Rsxfwc8kKFUhsbWjhxKG5GulSrHodaljoR5KUNDkh/LtiqKBGuBP+/HJc5xdqdWcL9; Expires=Mon, 28 Dec 2020 09:29:06 GMT; Path=/; SameSite=None; Secure
Server
Apache
Cache-Control
no-cache,must-revalidate
Pragma
no-cache
Expires
0
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-FRAME-OPTIONS
SAMEORIGIN
Strict-Transport-Security
max-age=16070400; includeSubDomains

Redirect headers

Date
Mon, 21 Dec 2020 09:29:06 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
399
Connection
keep-alive
Set-Cookie
AWSALB=oVU+l5qS9cXKVngqfyjY4nmNUj8aipGUItTfYfU/uuyKxHQcVnQTP2n9MXyQflkwk7+2FxOGWPARCnOeJxrm0hxXgLZca0qGsxNDJWRjxr74g2fl36g0fWnnUXsd; Expires=Mon, 28 Dec 2020 09:29:06 GMT; Path=/ AWSALBCORS=oVU+l5qS9cXKVngqfyjY4nmNUj8aipGUItTfYfU/uuyKxHQcVnQTP2n9MXyQflkwk7+2FxOGWPARCnOeJxrm0hxXgLZca0qGsxNDJWRjxr74g2fl36g0fWnnUXsd; Expires=Mon, 28 Dec 2020 09:29:06 GMT; Path=/; SameSite=None; Secure DB4-pb-asid=AReEoYRsGjieGAzCBfpeY5CJ6zkI-I8HV8c63ewZSPycnk6Ykv6f!1567460046; path=/;SameSite=none; secure; HttpOnly DB4-pb-gsid=ba178496-4064-4f36-891b-d7f2bc4d78ac; domain=.bahn.de; path=/; SameSite=none;; secure; HttpOnly DB4-pb-shopId=.1c; path=/; SameSite=none;; secure
Server
Apache
Location
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
Strict-Transport-Security
max-age=16070400; includeSubDomains
8033263973.js
cdn.optimizely.com/js/
1 MB
461 KB
Script
General
Full URL
https://cdn.optimizely.com/js/8033263973.js
Requested by
Host: fahrkarten.bahn.de
URL: https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a0::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae70ba9d853be738348e1ecbf94db4aa29fa678b206fa2408c395054dcae0a60
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
iekI0zF4i5yGdk113ewpYjwzlZfse0KB
content-encoding
gzip
etag
"c71cb3635f5185b8b0c42ea7686aea5f"
x-amz-request-id
F14E68F0A40EB85B
x-amz-server-side-encryption
AES256
x-amz-meta-revision
19054
x-amz-replication-status
PENDING
access-control-allow-methods
GET, HEAD
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:2a0::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary
Accept-Encoding
content-length
470480
x-amz-id-2
W1KQxFSiivnWzjE2a3Q/HeWrUwAZWoncKb88bFCeDdTNRZClTR9mm8FvtstqcNV8ERHgQJe5XG8=
last-modified
Sun, 20 Dec 2020 23:00:43 GMT
server
AmazonS3
date
Mon, 21 Dec 2020 09:29:06 GMT
access-control-max-age
86400
strict-transport-security
max-age=15768000
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=1200
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
bahn-minimal.css
www.img-bahn.de/s3/prod/es//css/
24 KB
6 KB
Stylesheet
General
Full URL
https://www.img-bahn.de/s3/prod/es//css/bahn-minimal.css
Requested by
Host: fahrkarten.bahn.de
URL: https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.235.169 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-235-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
12c3097ab36ec0f5ca48bc93289294b6c58b478e2d9747542e96514b10d5d64f

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Dec 2020 09:29:06 GMT
Content-Encoding
gzip
Last-Modified
Sat, 12 Dec 2020 23:11:11 GMT
Server
AmazonS3
x-amz-request-id
AE23622B2FD97BAF
ETag
"29d80fdfedcaf2a2883c0dbca8adbcb1"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5764
x-amz-id-2
b7SXACszalagNlSZan98jD2mspF++U6QgqAP2hH1szsOI2qtry1oAlN4E9YJexvNq/2gCTFNRFg=
Expires
Mon, 21 Dec 2020 09:44:06 GMT
webclient-minimal.css
www.img-bahn.de/s3/prod/es//css/
3 KB
2 KB
Stylesheet
General
Full URL
https://www.img-bahn.de/s3/prod/es//css/webclient-minimal.css
Requested by
Host: fahrkarten.bahn.de
URL: https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.235.169 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-235-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4f71325a77798cc24255ad2fc95b08d6554d157007586b345b2c2a88b23b48a8

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Dec 2020 09:29:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Sep 2020 12:53:53 GMT
Server
AmazonS3
x-amz-request-id
0T1V0PAG8X7JBPDW
ETag
"cfba498c27c4dd0cbc6c385b5dda5349"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1066
x-amz-id-2
FfrCWoXSBATFKriuvfQRzhnEu+nW6g4vv5JfzrXM1Uz/y40lzV9NY59ml7CoI+c0T46tSk3lmSU=
Expires
Mon, 21 Dec 2020 09:44:06 GMT
main.css
www.img-bahn.de/s3/prod/es//css/
140 KB
21 KB
Stylesheet
General
Full URL
https://www.img-bahn.de/s3/prod/es//css/main.css
Requested by
Host: fahrkarten.bahn.de
URL: https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.235.169 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-235-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
cf1480a7d122b580c91c65091ca4ed1f0b1d045bc2ee8320fd94439f8810305f

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Dec 2020 09:29:06 GMT
Content-Encoding
gzip
Last-Modified
Sat, 12 Dec 2020 23:11:11 GMT
Server
AmazonS3
x-amz-request-id
98270AFFA7D8D526
ETag
"fe9d578efab010623809d5076c79521e"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20582
x-amz-id-2
EclH/J3oDOFYeOhRlIh9TAz7F0jpbDEe0OLhs2utmI5rD3Xsp4/uGf1sw/tGsL550+BhK9vrEpQ=
Expires
Mon, 21 Dec 2020 09:44:06 GMT
webclient-touch.css
www.img-bahn.de/s3/prod/es//css/
80 KB
15 KB
Stylesheet
General
Full URL
https://www.img-bahn.de/s3/prod/es//css/webclient-touch.css
Requested by
Host: fahrkarten.bahn.de
URL: https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.235.169 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-235-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4803ed9d18841f165caa3563828c2bcea6b2ee13efc0e0d363ce98c8a6ad44a8

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Dec 2020 09:29:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Dec 2020 11:16:45 GMT
Server
AmazonS3
x-amz-request-id
05EF67E9496F874A
ETag
"e847de0747811eda8782da9363092186"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15312
x-amz-id-2
nH1GxKSNesHmilvRndjozHkBNgPLWEXX7EIn688btTCZngAn8WrSFK4PdByTiY3MufP6Rj6z2C4=
Expires
Mon, 21 Dec 2020 09:44:06 GMT
meinebahn-touch.css
www.img-bahn.de/s3/prod/es//css/sass-css/
1 KB
1011 B
Stylesheet
General
Full URL
https://www.img-bahn.de/s3/prod/es//css/sass-css/meinebahn-touch.css
Requested by
Host: fahrkarten.bahn.de
URL: https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.235.169 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-235-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8872fa3ead9c0bd90da86f4e9e806602d9947c11ee2b814f5f4b1a9e30df7f9b

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Dec 2020 09:29:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Dec 2020 11:16:45 GMT
Server
AmazonS3
x-amz-request-id
86C00B8571695548
ETag
"5524d24e66a5bf89bb79259b39510b01"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
517
x-amz-id-2
IvVP7HTqYezk8YU30UvXjbcfeX5MwFE4Gu9nhW3nNyTAnwWlqSg/dDXU8a1O+cOnAEZHQJo3ZJg=
Expires
Mon, 21 Dec 2020 09:44:06 GMT
szk-touch.css
www.img-bahn.de/s3/prod/es//css/sass-css/
20 KB
4 KB
Stylesheet
General
Full URL
https://www.img-bahn.de/s3/prod/es//css/sass-css/szk-touch.css
Requested by
Host: fahrkarten.bahn.de
URL: https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.235.169 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-235-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f7f6ae09f262d859115d44bf382406865cb31925ef5a15bd469f28b5c2651e87

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Dec 2020 09:29:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Dec 2020 11:16:45 GMT
Server
AmazonS3
x-amz-request-id
98CC39C957B0C409
ETag
"01fdf305c734ea85942076dc827fba64"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3648
x-amz-id-2
nnLDrEuLi3dbKUshydhu68ln6LiLG8kKeQqXmoui41vy4rJFXvO+swyJsQButHdNGOPFtBfdeEg=
Expires
Mon, 21 Dec 2020 09:44:06 GMT
kaufbelege.css
www.img-bahn.de/s3/prod/es//css/sass-css/
9 KB
2 KB
Stylesheet
General
Full URL
https://www.img-bahn.de/s3/prod/es//css/sass-css/kaufbelege.css
Requested by
Host: fahrkarten.bahn.de
URL: https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.235.169 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-235-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0f7798ce18d4535479f8830f1293faf52e918d87c03d9e6915c5aafd671f1d44

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Dec 2020 09:29:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Dec 2020 11:16:45 GMT
Server
AmazonS3
x-amz-request-id
5M2ZEXBGDS7X4S2Y
ETag
"916e303f99dfe1ee7e2fb642ab5e4d18"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1903
x-amz-id-2
qUyIW3J0529MVNUXaOZh9wFYWS3NO0HDSuGFNkiL7LGYEAIegIZkHHmUd+K3FICujsUhCMJygDM=
Expires
Mon, 21 Dec 2020 09:44:06 GMT
bd_20.12.p07.04.min.js
www.img-bahn.de/s3/prod/es//js/
596 KB
142 KB
Script
General
Full URL
https://www.img-bahn.de/s3/prod/es//js/bd_20.12.p07.04.min.js
Requested by
Host: fahrkarten.bahn.de
URL: https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.235.169 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-235-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49148ec5d7149642d009e2408304b46ec5073b82b9d05fbe269bb0467f0a1644

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Dec 2020 09:29:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Dec 2020 11:16:52 GMT
Server
AmazonS3
x-amz-request-id
CCBCD23FF786BD78
ETag
"88d2a5c7793289c4cedbf62ca544bcb2"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
145352
x-amz-id-2
dbMCJO+kmmxBKsK3OlMlYNpDHGrwgFgjgdVA45tJ7T5E+L1KaxqkRpnFK1A5Dy4mKtnuFAdBD0Q=
Expires
Mon, 21 Dec 2020 09:44:06 GMT
logo-db-bahn.png
www.img-bahn.de/s3/prod/es//img/
2 KB
2 KB
Image
General
Full URL
https://www.img-bahn.de/s3/prod/es//img/logo-db-bahn.png
Requested by
Host: fahrkarten.bahn.de
URL: https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.235.169 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-235-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
efe75cc12ae672a5e711598d3e93a509122b91cf60ae9acf17f349d54cb37a93

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Dec 2020 09:29:06 GMT
Last-Modified
Thu, 17 Dec 2020 11:16:50 GMT
Server
AmazonS3
x-amz-request-id
64830BA91062E06C
ETag
"b345382d012346f8efd8bcea8e644cca"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1897
x-amz-id-2
NQgcutA63p2sFIvYixsCmnAXzDlP6oXI23GwUt7DWrr9GDsOsIn1wG7aNfxXXksKBQah0RHdVYc=
Expires
Mon, 21 Dec 2020 09:44:06 GMT
jquery.placeholder.min.js
fahrkarten.bahn.de/privatkunde/v1704/js/vendor/
3 KB
3 KB
Script
General
Full URL
https://fahrkarten.bahn.de/privatkunde/v1704/js/vendor/jquery.placeholder.min.js
Requested by
Host: fahrkarten.bahn.de
URL: https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.200.196.90 , Germany, ASN25325 (BAHN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
3abd291a339e677ce3a57b491078ba317c7599033f10ab0978c1de5270ff82d3
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Dec 2020 09:29:06 GMT
Last-Modified
Mon, 14 Dec 2020 16:01:28 GMT
Server
Apache
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2610
modernizr-2.6.2.js
fahrkarten.bahn.de/privatkunde/v1704/js/vendor/
30 KB
31 KB
Script
General
Full URL
https://fahrkarten.bahn.de/privatkunde/v1704/js/vendor/modernizr-2.6.2.js
Requested by
Host: fahrkarten.bahn.de
URL: https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.200.196.90 , Germany, ASN25325 (BAHN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
cd73a9c03b2addeef370e48eab5e3d4c3524860c3d2f8a225284df4097d48c01
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Dec 2020 09:29:06 GMT
Last-Modified
Mon, 14 Dec 2020 16:01:28 GMT
Server
Apache
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31046
mustache.js
fahrkarten.bahn.de/privatkunde/v1704/js/vendor/
18 KB
19 KB
Script
General
Full URL
https://fahrkarten.bahn.de/privatkunde/v1704/js/vendor/mustache.js
Requested by
Host: fahrkarten.bahn.de
URL: https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.200.196.90 , Germany, ASN25325 (BAHN-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
659d66441d1ac5f3576fb288e0eec169b0cb727b964b93596572361c0acec086
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Dec 2020 09:29:06 GMT
Last-Modified
Mon, 14 Dec 2020 16:01:28 GMT
Server
Apache
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18936
bd_20.12.p07.04_touch.min.js
www.img-bahn.de/s3/prod/es//js/
193 KB
35 KB
Script
General
Full URL
https://www.img-bahn.de/s3/prod/es//js/bd_20.12.p07.04_touch.min.js
Requested by
Host: fahrkarten.bahn.de
URL: https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.235.169 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-235-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
272debb8bd838fe94ca805fcda14b2fe82f1fdfb4ecc8993ff56b161b80ceb23

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Dec 2020 09:29:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Dec 2020 11:16:52 GMT
Server
AmazonS3
x-amz-request-id
DJ1KBP9KFYBR9HDJ
ETag
"381602b5fe7a9b7605f4781e20cfd958"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35819
x-amz-id-2
Oh0h1Hy6iH/8A2gJH2T8SZwkxJeRfKpKk3o34TmG6A6zx092kfnbCbdhl0wmjAk5vlnXjru6c1k=
Expires
Mon, 21 Dec 2020 09:44:06 GMT
s_code.js
www.img-bahn.de/s3/prod/es//js/
112 KB
38 KB
Script
General
Full URL
https://www.img-bahn.de/s3/prod/es//js/s_code.js
Requested by
Host: fahrkarten.bahn.de
URL: https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.235.169 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-235-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
77e8b3b7762898f455c2d0839ed4a0fc021a464745ad74da30a34ffc0b239963

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Dec 2020 09:29:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Dec 2020 11:16:53 GMT
Server
AmazonS3
x-amz-request-id
2C3591876DCDB3A6
ETag
"84ea31acd8ff7331e8df851734f31e3b"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38707
x-amz-id-2
8EsGSTxCil9n3NEMrDSk7zgrH4ezynAC63CdDqY4bwF6yRpJsj074U2kZZ1GcW03c96dmmQW/Q8=
Expires
Mon, 21 Dec 2020 09:44:06 GMT
oeu1608542946653r0.5396911986412956
vis.optimizely.com/api/targeting/8033263973/8512265067/
1 KB
649 B
XHR
General
Full URL
https://vis.optimizely.com/api/targeting/8033263973/8512265067/oeu1608542946653r0.5396911986412956
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/8033263973.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.197.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-197-116.compute-1.amazonaws.com
Software
nginx/1.15.12 / Express
Resource Hash
86a7f2144f68b7a14477b9f12bfdb07d2faa00806514af96b8c231cae8f0daba

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 21 Dec 2020 09:29:07 GMT
Content-Encoding
gzip
ETag
W/"1375270317"
Server
nginx/1.15.12
X-Powered-By
Express
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://fahrkarten.bahn.de
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
298
geo2.js
cdn3.optimizely.com/js/
290 B
697 B
Script
General
Full URL
https://cdn3.optimizely.com/js/geo2.js
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/8033263973.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.234.197 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-234-197.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b14701931e145ec735d777345c0ece29b81ffcd16d3faa1157e66b203422b42a

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
Y1BKPK.c9lIaZx2uYj8JMWZye_vJfrh9
Server
AmazonS3
x-amz-request-id
6V6ZDQ6VDHFG7GCJ
ETag
"adadfc5d7afd13e353d9d52cec1c7827"
Content-Type
application/javascript
Cache-Control
max-age=58955
Date
Mon, 21 Dec 2020 09:29:06 GMT
Connection
keep-alive
Content-Length
290
x-amz-id-2
xLYp0jdODWcKro2zsYSHR+2VKu5v+eHNZZdK8IADviKak+dPlVrJ50ygH2hvy3rBhXmRY7tHDes=
bahn-minimal-dyn.css
www.img-bahn.de/s3/prod/es//css/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.img-bahn.de/s3/prod/es//css/bahn-minimal-dyn.css
Requested by
Host: fahrkarten.bahn.de
URL: https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.235.169 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-235-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ee0d9ab4e5bcdfbea0d6bcc38d87c86bcc6da4a6c1787479e39c72b85f1b07f2

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Dec 2020 09:29:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Sep 2020 12:53:53 GMT
Server
AmazonS3
x-amz-request-id
FJAG3QAS7P5N5N5W
ETag
"9856e2fbd408a488d2024a89bce82f21"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1042
x-amz-id-2
x2nBknZWFsXz5TNNrGKE7b9xGoMqjlYJ99e1Vn3m4Due8HcyPH95KiNQty8uD4V5zGs3Hd1miwg=
Expires
Mon, 21 Dec 2020 09:44:06 GMT
bg_nav_active_left.png
www.img-bahn.de/s3/prod/es//img/
132 B
580 B
Image
General
Full URL
https://www.img-bahn.de/s3/prod/es//img/bg_nav_active_left.png
Requested by
Host: www.img-bahn.de
URL: https://www.img-bahn.de/s3/prod/es//css/bahn-minimal.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.235.169 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-235-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a231b219fd33beeca8baa0abecbb684d31fe0d154a25a092510d607a38637ea8

Request headers

Referer
https://www.img-bahn.de/s3/prod/es//css/bahn-minimal.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Dec 2020 09:29:06 GMT
Last-Modified
Thu, 17 Dec 2020 11:16:46 GMT
Server
AmazonS3
x-amz-request-id
B0D7F8DF817FB82B
ETag
"098d59e7f12383ee5f816b3ae8c12453"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
132
x-amz-id-2
5SW2AS/y/zK0omjK546cvhjvRIX06nS1LSXTdx/e5zmQ16Nk12XmEYW1PNSQukKdXgxrLIvKOZ8=
Expires
Mon, 21 Dec 2020 09:44:06 GMT
bg_nav_active_right.png
www.img-bahn.de/s3/prod/es//img/
132 B
580 B
Image
General
Full URL
https://www.img-bahn.de/s3/prod/es//img/bg_nav_active_right.png
Requested by
Host: www.img-bahn.de
URL: https://www.img-bahn.de/s3/prod/es//css/bahn-minimal.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.235.169 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-235-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e5e2c4c5288a46af5b587fe4b6ed5c881dfc8faaf4d76a08c5c2c5fcd74238b3

Request headers

Referer
https://www.img-bahn.de/s3/prod/es//css/bahn-minimal.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Dec 2020 09:29:06 GMT
Last-Modified
Thu, 17 Dec 2020 11:16:46 GMT
Server
AmazonS3
x-amz-request-id
5BA04F97448FF24F
ETag
"157df68f54b882b853b4d0efe4d1b688"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
132
x-amz-id-2
eg9xlRgwfy1ieX9hXhopRcxf/mlg8uhrP5LHdDan86UVFzn6YNemCNvB8OxNS8My+rSSIlb/2Ck=
Expires
Mon, 21 Dec 2020 09:44:06 GMT
dbsan03-webfont.woff
www.img-bahn.de/s3/prod/es//fonts/
48 KB
48 KB
Font
General
Full URL
https://www.img-bahn.de/s3/prod/es//fonts/dbsan03-webfont.woff
Requested by
Host: www.img-bahn.de
URL: https://www.img-bahn.de/s3/prod/es//css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.235.169 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-235-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a39881eeb2cc948083b29f436b57600451670f1d10e390306af0693d2eb44f74

Request headers

Origin
https://fahrkarten.bahn.de
Referer
https://www.img-bahn.de/s3/prod/es//css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Dec 2020 09:29:06 GMT
Last-Modified
Tue, 29 Sep 2020 12:53:53 GMT
Server
AmazonS3
x-amz-request-id
DXBVFT9GFRDZ3N8J
ETag
"ee22058781511177b60092028f12eea2"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48820
x-amz-id-2
TaVEr6stwy5CX3fZuPsHTKBkiagTzoRdQM3MuiXSZf/3aUWCOQjvezz+7xGC6xFx7X/jYoTe6TQ=
Expires
Mon, 21 Dec 2020 09:44:06 GMT
dbsan06-webfont.woff
www.img-bahn.de/s3/prod/es//fonts/
48 KB
48 KB
Font
General
Full URL
https://www.img-bahn.de/s3/prod/es//fonts/dbsan06-webfont.woff
Requested by
Host: www.img-bahn.de
URL: https://www.img-bahn.de/s3/prod/es//css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.235.169 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-235-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
298669d559f331c5ac67d881d450cea831ca81576e88cb4663cc315dc91444c7

Request headers

Origin
https://fahrkarten.bahn.de
Referer
https://www.img-bahn.de/s3/prod/es//css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Dec 2020 09:29:06 GMT
Last-Modified
Tue, 29 Sep 2020 12:53:53 GMT
Server
AmazonS3
x-amz-request-id
0216474AF2058457
ETag
"df5cd4cd4e41ddfaf7017f95765d6308"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48880
x-amz-id-2
76M1UF9s1uB87nje0Xzx/zGBW63UgOcl3BGjQjFQuekwf64UOCwMTeWhMZ5TRBGc5Xnh5BZqcho=
Expires
Mon, 21 Dec 2020 09:44:06 GMT
a791773171.html
a791773171.cdn.optimizely.com/client_storage/ Frame 72A7
0
0
Document
General
Full URL
https://a791773171.cdn.optimizely.com/client_storage/a791773171.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/8033263973.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.24.4.155 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-4-155.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
a791773171.cdn.optimizely.com
:scheme
https
:path
/client_storage/a791773171.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1

Response headers

x-amz-id-2
5bJIX3+ALDu9UndOwFDPMcZXDKVfIeFe46bpehpTLgIMe1OgrMxyMCb2LFRTq2uvbFfD6luTxxc=
x-amz-request-id
FXBK0YBM6G0Z0SFT
x-amz-replication-status
PENDING
last-modified
Sun, 20 Dec 2020 23:00:15 GMT
etag
"2f3f1703a088e8c464fe43fe107d4d34"
x-amz-server-side-encryption
AES256
x-amz-meta-pci_enabled
False
content-encoding
gzip
x-amz-version-id
5BKEWxsXVUuZ9ybDGDxT4K9DZkgbhN45
accept-ranges
bytes
content-type
text/html; charset=utf-8
content-length
773
server
AmazonS3
vary
Accept-Encoding
cache-control
max-age=120
date
Mon, 21 Dec 2020 09:29:06 GMT
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="13";dur=0,cdnip;desc="184.24.4.155";dur=0,cdnmap;desc="a4343.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security
max-age=15768000
id
st.bahn.de/
48 B
513 B
XHR
General
Full URL
https://st.bahn.de/id?d_visid_ver=4.6.0&d_fieldgroup=A&mcorgid=5FA50A5953FB37E50A4C98BC%40AdobeOrg&mid=12635612188681068492328510704739095026&ts=1608542946877
Requested by
Host: www.img-bahn.de
URL: https://www.img-bahn.de/s3/prod/es//js/s_code.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-76-117.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
8d149a329797dca2c64cc456b5899418921bc117d0bd6c9d821334e4c9eeeee7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 21 Dec 2020 09:29:06 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-f7bfdfcfd-c7qtv
vary
Origin
x-c
master-1404.I1e61f9.M0-468
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://fahrkarten.bahn.de
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
icon-se530d055c2.png
www.img-bahn.de/s3/prod/es//img/
46 KB
46 KB
Image
General
Full URL
https://www.img-bahn.de/s3/prod/es//img/icon-se530d055c2.png
Requested by
Host: www.img-bahn.de
URL: https://www.img-bahn.de/s3/prod/es//css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.235.169 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-235-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ec3e9a9679e6bc5370d928c0fe3b02dc5781e0ca5a7444b8ee02cd4426b32cc2

Request headers

Referer
https://www.img-bahn.de/s3/prod/es//css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Dec 2020 09:29:06 GMT
Last-Modified
Thu, 17 Dec 2020 11:16:47 GMT
Server
AmazonS3
x-amz-request-id
90496F13E6B6EBAF
ETag
"200d2bdc1e00c16f69b671bee586db96"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46762
x-amz-id-2
tcoLFAF23Sp/aFBvStpdOuqL5lNb+/lKdgj0a5zToYFxHYcFUiUJ3xnsKIhnXVz9gwPP9Vs67VU=
Expires
Mon, 21 Dec 2020 09:44:06 GMT
close.png
www.img-bahn.de/s3/prod/es//img/icon/
383 B
831 B
Image
General
Full URL
https://www.img-bahn.de/s3/prod/es//img/icon/close.png
Requested by
Host: www.img-bahn.de
URL: https://www.img-bahn.de/s3/prod/es//css/webclient-touch.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.235.169 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-235-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7d14a287bcf84b6e3af48dab47748c55a87de4c7beea08dab7a4b981a2d239b5

Request headers

Referer
https://www.img-bahn.de/s3/prod/es//css/webclient-touch.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Dec 2020 09:29:06 GMT
Last-Modified
Tue, 29 Sep 2020 12:53:56 GMT
Server
AmazonS3
x-amz-request-id
680E28761F237C29
ETag
"5550d88e4d064f47fc4744f8c1b0b50c"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
383
x-amz-id-2
GtjLzDWAbSgDX0q5e70Xfndm3cMFZO+uiDFpp0C3JLZ9XWpoE/uylYjNBZQShJpycMKLEDsUHiA=
Expires
Mon, 21 Dec 2020 09:44:06 GMT
log
errors.client.optimizely.com/ Frame
0
0
Other
General
Full URL
https://errors.client.optimizely.com/log
Protocol
HTTP/1.1
Server
52.45.159.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-159-209.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://fahrkarten.bahn.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
https://fahrkarten.bahn.de
Access-Control-Max-Age
1800
Allow
POST,OPTIONS
Content-Type
text/plain
Date
Mon, 21 Dec 2020 09:29:07 GMT
Content-Length
13
Connection
keep-alive
log
errors.client.optimizely.com/ Frame
0
0
Other
General
Full URL
https://errors.client.optimizely.com/log
Protocol
HTTP/1.1
Server
52.45.159.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-159-209.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://fahrkarten.bahn.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
https://fahrkarten.bahn.de
Access-Control-Max-Age
1800
Allow
POST,OPTIONS
Content-Type
text/plain
Date
Mon, 21 Dec 2020 09:29:07 GMT
Content-Length
13
Connection
keep-alive
log
errors.client.optimizely.com/ Frame
0
0
Other
General
Full URL
https://errors.client.optimizely.com/log
Protocol
HTTP/1.1
Server
52.45.159.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-159-209.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://fahrkarten.bahn.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
https://fahrkarten.bahn.de
Access-Control-Max-Age
1800
Allow
POST,OPTIONS
Content-Type
text/plain
Date
Mon, 21 Dec 2020 09:29:07 GMT
Content-Length
13
Connection
keep-alive
log
errors.client.optimizely.com/
0
244 B
XHR
General
Full URL
https://errors.client.optimizely.com/log
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/8033263973.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.159.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-159-209.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://fahrkarten.bahn.de
Access-Control-Expose-Headers
Access-Control-Allow-Credentials
true
Connection
keep-alive
Date
Mon, 21 Dec 2020 09:29:07 GMT
Content-Type
text/plain
log
errors.client.optimizely.com/
0
244 B
XHR
General
Full URL
https://errors.client.optimizely.com/log
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/8033263973.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.159.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-159-209.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://fahrkarten.bahn.de
Access-Control-Expose-Headers
Access-Control-Allow-Credentials
true
Connection
keep-alive
Date
Mon, 21 Dec 2020 09:29:07 GMT
Content-Type
text/plain
log
errors.client.optimizely.com/
0
244 B
XHR
General
Full URL
https://errors.client.optimizely.com/log
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/8033263973.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.159.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-159-209.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://fahrkarten.bahn.de
Access-Control-Expose-Headers
Access-Control-Allow-Credentials
true
Connection
keep-alive
Date
Mon, 21 Dec 2020 09:29:07 GMT
Content-Type
text/plain
utag.js
www.bahn.de/media/view/tms/
50 KB
15 KB
Script
General
Full URL
https://www.bahn.de/media/view/tms/utag.js
Requested by
Host: fahrkarten.bahn.de
URL: https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
46a7251d71378a84d38bfc053a871aeffd7a9ac97fa43b865f9fd06aadea1269
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 09:29:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 30 Nov 2020 11:38:43 GMT
server
Apache
etag
"c6ab-5b55173c7b6c0"
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
14459
x-xss-protection
1; mode=block
s97411590098282
st.bahn.de/b/ss/dbbahnprod/1/JS-2.20.0/
43 B
342 B
Image
General
Full URL
https://st.bahn.de/b/ss/dbbahnprod/1/JS-2.20.0/s97411590098282?AQB=1&ndh=1&pf=1&t=21%2F11%2F2020%2010%3A29%3A6%201%20-60&mid=12635612188681068492328510704739095026&ce=UTF-8&ns=deutschebahn&cdp=2&pageName=BAHN_ESU_DEU_de_BAHN_StandardError_CSRFTokenFehltImRequest&g=https%3A%2F%2Ffahrkarten.bahn.de%2Fprivatkunde%2Fregistrieren%2Freg.post%3Flang%3Dde%26country%3DDEU%26redirected%3D1%23stay&c.&page_info=0%7C0%2C0x0%2C0x0%2C0%2C&first_page_of_visit=true&load_time=4&.c&cc=EUR&ch=BAHN_ESU_DEU_de_BAHN&events=event49%2Cevent45%2Cevent46&h1=BIZC%3EESU%3EDEU%3Ede%3EStartseite%3EVerteilerseiten&c3=Anonym&v3=Anonym&c24=D%3DpageName&v24=D%3DpageName&c48=CSRFTokenFehltImRequest&c69=logout&v69=logout&c75=D%3Dv75&v75=https%3A%2F%2Ffahrkarten.bahn.de%2Fprivatkunde%2Fregistrieren%2Freg.post&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FA50A5953FB37E50A4C98BC%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-76-117.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 09:29:06 GMT
x-content-type-options
nosniff
x-c
master-1404.I1e61f9.M0-468
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 22 Dec 2020 09:29:07 GMT
server
jag
xserver
anedge-f7bfdfcfd-jczbp
etag
3454319675873525760-4621900761065467783
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sun, 20 Dec 2020 09:29:07 GMT
utag.140.js
www.bahn.de/media/view/tms/
3 KB
2 KB
Script
General
Full URL
https://www.bahn.de/media/view/tms/utag.140.js?utv=ut4.46.202009300820
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
69a879fb6bb1f7cec8bc0d664af4ae435f29af0824661578b7ce60e97c631255
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 09:29:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 30 Nov 2020 11:38:43 GMT
server
Apache
etag
"a82-5b55173c7b6c0"
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
1366
x-xss-protection
1; mode=block
utag.85.js
www.bahn.de/media/view/tms/
3 KB
2 KB
Script
General
Full URL
https://www.bahn.de/media/view/tms/utag.85.js?utv=ut4.46.202009300820
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e534e18a2a65d52f6a1c6c343ce57550d79eef87ffe5f30fd1755fa6c7a6a73a
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 09:29:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 30 Nov 2020 11:38:43 GMT
server
Apache
etag
"a5f-5b55173c7b6c0"
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
1335
x-xss-protection
1; mode=block
utag.74.js
www.bahn.de/media/view/tms/
2 KB
2 KB
Script
General
Full URL
https://www.bahn.de/media/view/tms/utag.74.js?utv=ut4.46.202009300820
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9c5c51f3090d5c0270f510aa4711e2bbdd970c7ec5daceef8b9968fef21d8d05
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 09:29:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 30 Nov 2020 11:38:43 GMT
server
Apache
etag
"8d2-5b55173c7b6c0"
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
1134
x-xss-protection
1; mode=block
utag.138.js
www.bahn.de/media/view/tms/
4 KB
3 KB
Script
General
Full URL
https://www.bahn.de/media/view/tms/utag.138.js?utv=ut4.46.202009300820
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
82be722e20f6ee8f24a99f64a5f42850f8223474a7aa3fa2607f0b5302bcc58c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 09:29:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
D80ADC7D64439D76
vary
Accept-Encoding
content-length
1966
x-amz-id-2
VqQtd44aWcRWi0jhfWs4FNPn/4hWEXIK/yI22HoGpPjKNN/S0kNyzLbo/Rd3ifG6HQZH3er4Xow=
last-modified
Mon, 30 Nov 2020 11:14:06 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"830990dae912e96ba33e3bec9e60388b"
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
text/javascript
x-xss-protection
1; mode=block
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges
bytes
utag.182.js
www.bahn.de/media/view/tms/
16 KB
4 KB
Script
General
Full URL
https://www.bahn.de/media/view/tms/utag.182.js?utv=ut4.46.202011231050
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a843c5229104df453c410d81baf36ac6aed7b83041e9aa3c9c6772b44822a8de
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 09:29:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 30 Nov 2020 11:38:43 GMT
server
Apache
etag
"3fd4-5b55173c7b6c0"
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
3797
x-xss-protection
1; mode=block
utag.183.js
www.bahn.de/media/view/tms/
16 KB
5 KB
Script
General
Full URL
https://www.bahn.de/media/view/tms/utag.183.js?utv=ut4.46.202011231050
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
14cc3f1e13492dc6b2a4a7d443ee50c5676ba2caf575cf6b263e550548e400c9
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 09:29:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 30 Nov 2020 11:38:43 GMT
server
Apache
etag
"3f91-5b55173c7b6c0"
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
4359
x-xss-protection
1; mode=block
adformat.js
s2.adform.net/banners/scripts/audiencetag/
Redirect Chain
  • https://dmp.adform.net/audiencetag/adformat.js
  • https://s2.adform.net/banners/scripts/audiencetag/adformat.js
5 KB
2 KB
Script
General
Full URL
https://s2.adform.net/banners/scripts/audiencetag/adformat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3104623d037f8cb64b2832b6d3f3978ad7cdad49d6777f259dc980fc3b304e3a

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 09:29:07 GMT
content-encoding
gzip
last-modified
Thu, 27 Aug 2020 13:01:21 GMT
server
nginx
etag
W/"5f47aea1-151e"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript

Redirect headers

location
https://s2.adform.net/banners/scripts/audiencetag/adformat.js
date
Mon, 21 Dec 2020 09:29:07 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html
/
zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com/SIE/
56 KB
17 KB
Script
General
Full URL
https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0lxkzEthotizcTX&Q_LOC=https%3A%2F%2Ffahrkarten.bahn.de%2Fprivatkunde%2Fregistrieren%2Freg.post%3Flang%3Dde%26country%3DDEU%26redirected%3D1%23stay&t=1608542947107
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.85.js?utv=ut4.46.202009300820
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0be50cf970f99cbf6b796a016eb6403ecbb643dba0c3a89540942a01e207c36f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 09:29:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
377440
cf-polished
origSize=58359
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
07263a9f5b0000d8d59bbd5000000001
cf-bgj
minify
server
cloudflare
x-powered-by
Express
etag
W/"e3f7-RWhmZzJO71+RaArA7G0U1YihL8M"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
cf-ray
605093abcf44d8d5-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
a2987.js
cdn.m-pathy.com/js/
24 KB
7 KB
Script
General
Full URL
https://cdn.m-pathy.com/js/a2987.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.74.js?utv=ut4.46.202009300820
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:c800:1e:7aca:b8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ccb2205c2f5c0645554285d00e09c7c419528a863fb7d58c05303cf68d1ef6f1

Request headers

Origin
https://fahrkarten.bahn.de
Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 09:18:54 GMT
content-encoding
gzip
x-backend
serve_dynamic_ssl
age
612
x-internal
0
x-debug
serve_dynamic_ssl
x-debug2
debug
x-upstream
survey_dynamic
x-forward-proto
https
content-length
6438
via
1.1 3649c20f8adf8628b43dbef00864e392.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-scheme
https
x-direct-upstream
serve_dynamic_ssl
last-modified
Mon, 21 Dec 2020 09:00:24 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5f64-5b6f5b051f948-gzip"
vary
Accept-Encoding
x-pool
serve_direct_default
x-force-direct
0
access-control-allow-origin
*
expires
Mon, 21 Dec 2020 10:18:54 GMT
cache-control
max-age=3600
x-debug3
apache.server
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-amz-cf-id
V6WaCubWUO0x9CsrvuJ7DHtCxePFfsqe6id7xqzri0U6snDA8sGrMw==
x-debug4
9090
exactag.js
www.bahn.de/media/view/tms/js/
13 KB
6 KB
Script
General
Full URL
https://www.bahn.de/media/view/tms/js/exactag.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6b693b7dadf0949d494f4ad8685ae70f74f20a33a32780ebfd5b0517fceae722
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 09:29:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 30 Nov 2020 11:38:42 GMT
server
Apache
etag
"321a-5b55173b87480"
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
5428
x-xss-protection
1; mode=block
trackpoint-async.js
s2.adform.net/banners/scripts/st/
Redirect Chain
  • https://a1.adform.net/serving/scripts/trackpoint/async/
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
80 KB
29 KB
Script
General
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1eb116eebdec1a3282c8d2b2e1e9da65fd55bbaea67e88af0b61059e6a0a1a68

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 09:29:08 GMT
content-encoding
gzip
last-modified
Thu, 08 Oct 2020 10:57:49 GMT
server
nginx
etag
W/"5f7ef0ad-140fb"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript

Redirect headers

location
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date
Mon, 21 Dec 2020 09:29:08 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html
pi.aspx
m.exactag.com/ Frame EF95
7 KB
4 KB
Script
General
Full URL
https://m.exactag.com/pi.aspx?campaign=4bb3a5de3602f335b9ba113928205e62&pitype=Content&convtype=&rnd=SJqJcHI5mIUC&items=%7B%22type%22%3A%22Content%22%2C%22conversiontype%22%3A%22%22%2C%22referrer%22%3A%22%22%2C%22host%22%3A%22fahrkarten.bahn.de%22%2C%22site%22%3A%22%2Fprivatkunde%2Fregistrieren%2Freg.post%22%2C%22search%22%3A%22%3Flang%3Dde%26country%3DDEU%26redirected%3D1%22%2C%22protocol%22%3A%22https%3A%22%2C%22campaign%22%3A%224bb3a5de3602f335b9ba113928205e62%22%2C%22screensize%22%3A%22%22%2C%22pitype%22%3A%22%22%2C%22uk%22%3A%22%22%2C%22trackingURL%22%3A%22%2F%2Fm.exactag.com%22%2C%22cdnURL%22%3A%22%2F%2Fcdn.exactag.com%22%2C%22sitegroup%22%3A%22Rest%22%2C%22category_name%22%3A%22BAHN_ESU_DEU_de_BAHN%22%2C%22page_name%22%3A%22BAHN_ESU_DEU_de_BAHN_StandardError_CSRFTokenFehltImRequest%22%2C%22engine%22%3A%22Web%22%7D
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/js/exactag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.202.235.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b4031084899a7c0885845cf787b510c82e81752d5d9783dcddf1ed20aa393f3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection
close
Content-Length
2312
Pragma
no-cache
X-ET-Code
0
Last-Modified
Mo, 21 Dez 2020 09:29:07 GMT
Server
Microsoft-IIS/8.5
Date
Mon, 21 Dec 2020 09:29:06 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://fahrkarten.bahn.de
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
X-ET-Camp
1053
Access-Control-Allow-Headers
*
Expires
-1
loader.js
cdn.m-pathy.com/modules/4.22-179/
42 KB
15 KB
Script
General
Full URL
https://cdn.m-pathy.com/modules/4.22-179/loader.js
Requested by
Host: cdn.m-pathy.com
URL: https://cdn.m-pathy.com/js/a2987.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:c800:1e:7aca:b8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
66a0f2364c7ee7de56076aa9127aa362a68b26b5e01c868fde1f7bc8eb1f3c07

Request headers

Origin
https://fahrkarten.bahn.de
Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 08:50:59 GMT
content-encoding
gzip
x-backend
serve_dynamic_ssl
age
2288
x-internal
0
x-debug
serve_dynamic_ssl
x-debug2
debug
x-upstream
survey_dynamic
x-forward-proto
https
content-length
14458
via
1.1 3649c20f8adf8628b43dbef00864e392.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-scheme
https
x-direct-upstream
serve_dynamic_ssl
last-modified
Thu, 04 Jun 2020 12:32:17 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"a692-5a74155c15640-gzip"
vary
Accept-Encoding
x-pool
serve_direct_default
x-force-direct
0
access-control-allow-origin
*
expires
Mon, 18 Jan 2021 08:50:59 GMT
cache-control
max-age=2419200
x-debug3
apache.server
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-amz-cf-id
rHYLu8z_K1IkQsPZS_pP091e1H6Xd3tPwy85ZsPrwNbnwwe9b4tMbQ==
x-debug4
9090
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/
38 KB
4 KB
XHR
General
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0lxkzEthotizcTX&Q_CLIENTVERSION=1.41.0&Q_CLIENTTYPE=web
Requested by
Host: zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com
URL: https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0lxkzEthotizcTX&Q_LOC=https%3A%2F%2Ffahrkarten.bahn.de%2Fprivatkunde%2Fregistrieren%2Freg.post%3Flang%3Dde%26country%3DDEU%26redirected%3D1%23stay&t=1608542947107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b15672f8612e24be69046336bf97e23a1181d0fd5d1ec7383b9ae28a8962352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 21 Dec 2020 09:29:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
https://fahrkarten.bahn.de
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
605093ac4823d8d5-AMS
vary
Accept-Encoding
cf-request-id
07263a9fb00000d8d557adb000000001
px.aspx
m.exactag.com/ Frame 821D
0
0
Document
General
Full URL
https://m.exactag.com/px.aspx?id=ad859a5d5d1a406abd11db8681dbf639
Requested by
Host: m.exactag.com
URL: https://m.exactag.com/pi.aspx?campaign=4bb3a5de3602f335b9ba113928205e62&pitype=Content&convtype=&rnd=SJqJcHI5mIUC&items=%7B%22type%22%3A%22Content%22%2C%22conversiontype%22%3A%22%22%2C%22referrer%22%3A%22%22%2C%22host%22%3A%22fahrkarten.bahn.de%22%2C%22site%22%3A%22%2Fprivatkunde%2Fregistrieren%2Freg.post%22%2C%22search%22%3A%22%3Flang%3Dde%26country%3DDEU%26redirected%3D1%22%2C%22protocol%22%3A%22https%3A%22%2C%22campaign%22%3A%224bb3a5de3602f335b9ba113928205e62%22%2C%22screensize%22%3A%22%22%2C%22pitype%22%3A%22%22%2C%22uk%22%3A%22%22%2C%22trackingURL%22%3A%22%2F%2Fm.exactag.com%22%2C%22cdnURL%22%3A%22%2F%2Fcdn.exactag.com%22%2C%22sitegroup%22%3A%22Rest%22%2C%22category_name%22%3A%22BAHN_ESU_DEU_de_BAHN%22%2C%22page_name%22%3A%22BAHN_ESU_DEU_de_BAHN_StandardError_CSRFTokenFehltImRequest%22%2C%22engine%22%3A%22Web%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.202.235.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Host
m.exactag.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
exactag_new_gk=ebbeb76b99d147cbbd6e43b257a84528%7c19.02.2021+09%3a29%3a07; exactag_new_uk=b3d97454b020480992c82ad114746afe%7c; session_session=57f2384aa29541cd8d7e8ab4; exactag_new_user=1053%7c2%7c57f2384aa29541cd8d7e8ab4%7c01.01.0001+00%3a00%3a00%7c21.12.2020+09%3a29%3a07%7c57f2384aa29541cd8d7e8ab4%7c68537%7c1753%7cFalse
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1

Response headers

Cache-Control
no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-ET-Code
0
X-ET-Camp
1053
Strict-Transport-Security
max-age=31536000
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Mon, 21 Dec 2020 09:29:07 GMT
Connection
close
Content-Length
346
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/
91 KB
27 KB
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.41.0&Q_CLIENTTYPE=web
Requested by
Host: zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com
URL: https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0lxkzEthotizcTX&Q_LOC=https%3A%2F%2Ffahrkarten.bahn.de%2Fprivatkunde%2Fregistrieren%2Freg.post%3Flang%3Dde%26country%3DDEU%26redirected%3D1%23stay&t=1608542947107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8efac7087552def0e358b8896dbbe43b7ffe2d961746cdc4aea60f7eed3e1384
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 09:29:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
377441
cf-polished
origSize=94176
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
07263a9ff80000d8d55db1b000000001
last-modified
Wed, 16 Dec 2020 19:21:17 GMT
server
cloudflare
x-powered-by
Express
etag
W/"16fe0-1766cffdfc8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
605093acc8ebd8d5-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
14.3bdbf63f1121552ac2ba.chunk.js
siteintercept.qualtrics.com/dxjsmodule/
2 KB
876 B
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/14.3bdbf63f1121552ac2ba.chunk.js?Q_CLIENTVERSION=1.41.0&Q_CLIENTTYPE=web
Requested by
Host: zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com
URL: https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0lxkzEthotizcTX&Q_LOC=https%3A%2F%2Ffahrkarten.bahn.de%2Fprivatkunde%2Fregistrieren%2Freg.post%3Flang%3Dde%26country%3DDEU%26redirected%3D1%23stay&t=1608542947107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
17b80679305cdba82041511b2f4219c7ebdae8d16d9bb43e903c773a4d3f2ba8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 09:29:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
377441
cf-polished
origSize=2639
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
07263aa0540000d8d5b81e6000000001
last-modified
Wed, 16 Dec 2020 19:21:17 GMT
server
cloudflare
x-powered-by
Express
etag
W/"a4f-1766cffdfc8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
605093ad59e2d8d5-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
1.6c2a7e2d1ddb99db1dfa.chunk.js
siteintercept.qualtrics.com/dxjsmodule/
26 KB
6 KB
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/1.6c2a7e2d1ddb99db1dfa.chunk.js?Q_CLIENTVERSION=1.41.0&Q_CLIENTTYPE=web
Requested by
Host: zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com
URL: https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0lxkzEthotizcTX&Q_LOC=https%3A%2F%2Ffahrkarten.bahn.de%2Fprivatkunde%2Fregistrieren%2Freg.post%3Flang%3Dde%26country%3DDEU%26redirected%3D1%23stay&t=1608542947107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c0f07bf782295d83ea915e730f84f1067d7c210e82d348c027a49fc76304a688
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 09:29:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
377441
cf-polished
origSize=27274
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
07263aa05c0000d8d5a58a3000000001
last-modified
Wed, 16 Dec 2020 19:21:17 GMT
server
cloudflare
x-powered-by
Express
etag
W/"6a8a-1766cffdfc8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
605093ad59e5d8d5-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
cookiesegments
dmp.adform.net/audiencetag/
2 B
240 B
XHR
General
Full URL
https://dmp.adform.net/audiencetag/cookiesegments?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJBZGZvcm0uRE1QLkNsYWltczo6RGF0YVByb3ZpZGVycyI6IlsxMDU4MV0iLCJpc3MiOiJkbXAtYXBpLmFkZm9ybS5jb20iLCJhdWQiOiJhdWRpZW5jZV90YWdfY29uc3VtZXJfdjEiLCJleHAiOjE4NDY0NzkyOTksIm5iZiI6MTUzMTExOTIzOX0.FJQj3NEIHLPLagWbUeSDroGlMNqPApSp4JsfF5qhvxA
Requested by
Host: dmp.adform.net
URL: https://dmp.adform.net/audiencetag/adformat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json
Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Dec 2020 09:29:07 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://fahrkarten.bahn.de
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
events
logx.optimizely.com/v1/
0
363 B
XHR
General
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/8033263973.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.60.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-60-211.compute-1.amazonaws.com
Software
nginx/1.17.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 21 Dec 2020 09:29:08 GMT
Server
nginx/1.17.2
Content-Type
text/plain
Access-Control-Allow-Origin
https://fahrkarten.bahn.de
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
a1317119-9009-4935-abcc-d2d643dbd04c
/
a1.adform.net/Serving/TrackPoint/
204 B
664 B
Script
General
Full URL
https://a1.adform.net/Serving/TrackPoint/?pm=646062&ADFPageName=%7Bfahrkarten.bahn.de%7D%7C%7BBAHN_ESU_DEU_de_BAHN%7D%7C%7BBAHN_ESU_DEU_de_BAHN_StandardError_CSRFTokenFehltImRequest%7D&ADFdivider=%7C&ord=180586266312&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjkiOiJ7ZmFocmthcnRlbi5iYWhuLmRlfXx7QkFITl9FU1VfREVVX2RlX0JBSE59fHtCQUhOX0VTVV9ERVVfZGVfQkFITl9TdGFuZGFyZEVycm9yX0NTUkZUb2tlbkZlaGx0SW1SZXF1ZXN0fSIsInN2MTAiOiIiLCJzdjExIjoiIiwic3YxMiI6ImFub255bSIsInN2MTUiOiIiLCJzdjE2IjoiIiwic3YxNyI6IiIsInN2MTgiOiIiLCJzdjE5IjoiIiwic3Y0MCI6IiIsIml0bXMiOlt7InN0ZXAiOjF9XX0&loc=https%3A%2F%2Ffahrkarten.bahn.de%2Fprivatkunde%2Fregistrieren%2Freg.post%3Flang%3Dde%26country%3DDEU%26redirected%3D1%23stay
Requested by
Host: a1.adform.net
URL: https://a1.adform.net/serving/scripts/trackpoint/async/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
54c60f8e1f90a3e035d2e153abfb87204a1f21209f472b0eb572d276948930e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Dec 2020 09:29:08 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
258
expires
-1
events
logx.optimizely.com/v1/
0
363 B
XHR
General
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/8033263973.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.60.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-60-211.compute-1.amazonaws.com
Software
nginx/1.17.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fahrkarten.bahn.de/privatkunde/registrieren/reg.post?lang=de&country=DEU&redirected=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 21 Dec 2020 09:29:08 GMT
Server
nginx/1.17.2
Content-Type
text/plain
Access-Control-Allow-Origin
https://fahrkarten.bahn.de
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
abc3ff60-8c12-444b-8a64-4b6c0294c5c3

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated undefined| _ object| optimizely object| bahn_customer_id function| optimizely_url_contains function| optimizely_get_param function| optimizelyTracking object| BAHNCONSISTENCY object| cid object| BAHNCSS object| head string| gFSUGGEST number| gFSuggestInstanceCounter object| gFSuggestInstances string| FSuggestVersion string| FSuggestLastMod object| FSuggestFilter function| reinitializeFSuggest function| checkForMatches object| SLs function| checkHWAIUsage function| eId function| isFunction function| isObject function| isArray function| isDate function| isString function| moveToBody function| parseUserDateInput object| Class function| inherits function| makeObservable function| Observable function| listenToEvent object| $jscomp object| ONLINEBUCHUNGCLIENT object| BAHN_PACKAGE object| BAHN function| ModalLayer string| historyCookieTypeString function| qfSetHistCookieTypeStr function| qfInitCalendars function| qfInitCalendar object| BAHN_QF function| expandDate function| checkOptionRadio function| checkTableRadio function| checkTablesRadio function| showInfolinkWindow function| synchronizeRadio function| newWin function| newWindow function| newBrowserWindow function| setDefaultFocusOnEnter function| wecInitCalendars function| wecInitCalendar object| WEBCLIENT object| WECAJAX object| WECRESPREFS object| de object| touchoptimierung function| FSuggest object| topCities boolean| bodySelect function| CalUtils function| Observer function| CalendarControl function| Calendar function| CalendarManager object| calman undefined| $ function| jQuery object| Payone object| PayoneGlobals object| ES6Promise object| html5 object| Modernizr function| yepnope object| Mustache object| WebclientPrefs function| __extends object| monthsTexts object| weekdayTexts string| closeText string| s_account string| trackingServer string| secureTrackingServer string| visitorNameSpace string| reportSuite function| e string| s_rsaccount object| s number| inHeadTS function| s_getLoadTime function| AppMeasurement_Module_Media function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq object| adobe function| Visitor object| s_c_il number| s_c_in number| s_loadT number| s_objectID number| s_giq undefined| s_code object| digitalData object| utag_data object| a object| b string| c object| d object| s_Obj string| s_PPVid function| s_PPVevent number| s_PPVi number| s_PPVt string| max_initial_percent string| screen_res string| browser_dim number| pixel_dens string| device_ort object| s_i_dbbahnprod boolean| utag_condload object| cart_item undefined| item undefined| verbindung undefined| reiseAbschnitt undefined| index undefined| r undefined| step object| utag boolean| __tealium_twc_switch object| utag_cfg_ovrd function| ParseUserAgent object| gUtil object| Mpathy object| exactag string| key object| _adftrack boolean| mpathy_loaded object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.41.0 object| _qsie object| Adform function| AdformAT object| KJUR object| adf

13 Cookies

Domain/Path Name / Value
fahrkarten.bahn.de/ Name: DB4-pb-shopId
Value: .1c
.bahn.de/ Name: sc_vis
Value: true
fahrkarten.bahn.de/ Name: AWSALBCORS
Value: lYS5bNoSnqmyCbtNmulMC/oc1GmsJrDb/wvTqi+e37ti47Jt+BoRWZShaB5KxGmbqX0TbPBQ0JKC4NoGExwXgfo2rNPT2kVElT84qi+lTWbTH25c9Z5IdeTtaZho
.bahn.de/ Name: s_cc
Value: true
.bahn.de/ Name: s_ppvl
Value: %5B%5BB%5D%5D
.bahn.de/ Name: AMCV_5FA50A5953FB37E50A4C98BC%40AdobeOrg
Value: -408604571%7CMCIDTS%7C18618%7CMCMID%7C12635612188681068492328510704739095026%7CMCAID%7CNONE%7CMCOPTOUT-1608550146s%7CNONE%7CvVersion%7C4.6.0
.bahn.de/ Name: s_ecid
Value: MCMID%7C12635612188681068492328510704739095026
fahrkarten.bahn.de/ Name: AWSALB
Value: lYS5bNoSnqmyCbtNmulMC/oc1GmsJrDb/wvTqi+e37ti47Jt+BoRWZShaB5KxGmbqX0TbPBQ0JKC4NoGExwXgfo2rNPT2kVElT84qi+lTWbTH25c9Z5IdeTtaZho
.bahn.de/ Name: AMCVS_5FA50A5953FB37E50A4C98BC%40AdobeOrg
Value: 1
.bahn.de/ Name: s_ppv
Value: BAHN_ESU_DEU_de_BAHN_StandardError_CSRFTokenFehltImRequest%2C100%2C208%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
fahrkarten.bahn.de/ Name: DB4-pb-asid
Value: AReEoYRsGjieGAzCBfpeY5CJ6zkI-I8HV8c63ewZSPycnk6Ykv6f!1567460046
.bahn.de/ Name: DB4-pb-gsid
Value: ba178496-4064-4f36-891b-d7f2bc4d78ac
.bahn.de/ Name: optimizelyEndUserId
Value: oeu1608542946653r0.5396911986412956

5 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.optimizely.com/js/8033263973.js(Line 3435)
Message:
null
console-api log URL: https://cdn.optimizely.com/js/8033263973.js(Line 3435)
Message:
null - customerID should be set
console-api debug URL: https://www.img-bahn.de/s3/prod/es//js/bd_20.12.p07.04.min.js(Line 77)
Message:
[BackButtonRedirect] BackButtonRedirect create(): layerEnabled: true redirectEnabled: true useColorbox: true isActivatedInIFrame: false
console-api debug URL: https://www.img-bahn.de/s3/prod/es//js/bd_20.12.p07.04.min.js(Line 77)
Message:
[BackButtonRedirect] Kein Application Back Button gefunden
console-api debug URL: https://www.img-bahn.de/s3/prod/es//js/bd_20.12.p07.04.min.js(Line 77)
Message:
[BackButtonRedirect] addHashChangeEventListener called

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1.adform.net
a791773171.cdn.optimizely.com
cdn.m-pathy.com
cdn.optimizely.com
cdn3.optimizely.com
dmp.adform.net
errors.client.optimizely.com
fahrkarten.bahn.de
logx.optimizely.com
m.exactag.com
s2.adform.net
siteintercept.qualtrics.com
st.bahn.de
vis.optimizely.com
www.bahn.de
www.img-bahn.de
zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com
104.111.219.12
104.111.234.197
104.111.235.169
104.17.208.240
15.237.76.117
184.24.4.155
213.202.235.10
2600:9000:21c7:c800:1e:7aca:b8c0:93a1
2a02:26f0:6c00:2a0::13b8
37.157.3.28
37.157.4.24
37.157.5.72
52.204.60.211
52.205.197.116
52.45.159.209
81.200.196.90
0be50cf970f99cbf6b796a016eb6403ecbb643dba0c3a89540942a01e207c36f
0f7798ce18d4535479f8830f1293faf52e918d87c03d9e6915c5aafd671f1d44
12c3097ab36ec0f5ca48bc93289294b6c58b478e2d9747542e96514b10d5d64f
14cc3f1e13492dc6b2a4a7d443ee50c5676ba2caf575cf6b263e550548e400c9
17b80679305cdba82041511b2f4219c7ebdae8d16d9bb43e903c773a4d3f2ba8
1eb116eebdec1a3282c8d2b2e1e9da65fd55bbaea67e88af0b61059e6a0a1a68
272debb8bd838fe94ca805fcda14b2fe82f1fdfb4ecc8993ff56b161b80ceb23
298669d559f331c5ac67d881d450cea831ca81576e88cb4663cc315dc91444c7
2b15672f8612e24be69046336bf97e23a1181d0fd5d1ec7383b9ae28a8962352
3104623d037f8cb64b2832b6d3f3978ad7cdad49d6777f259dc980fc3b304e3a
3abd291a339e677ce3a57b491078ba317c7599033f10ab0978c1de5270ff82d3
44b926e929a9974f3123c034257ae329c20de1c34af672f5090dacff65111aa6
46a7251d71378a84d38bfc053a871aeffd7a9ac97fa43b865f9fd06aadea1269
4803ed9d18841f165caa3563828c2bcea6b2ee13efc0e0d363ce98c8a6ad44a8
49148ec5d7149642d009e2408304b46ec5073b82b9d05fbe269bb0467f0a1644
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f71325a77798cc24255ad2fc95b08d6554d157007586b345b2c2a88b23b48a8
54c60f8e1f90a3e035d2e153abfb87204a1f21209f472b0eb572d276948930e0
659d66441d1ac5f3576fb288e0eec169b0cb727b964b93596572361c0acec086
66a0f2364c7ee7de56076aa9127aa362a68b26b5e01c868fde1f7bc8eb1f3c07
69a879fb6bb1f7cec8bc0d664af4ae435f29af0824661578b7ce60e97c631255
6b693b7dadf0949d494f4ad8685ae70f74f20a33a32780ebfd5b0517fceae722
77e8b3b7762898f455c2d0839ed4a0fc021a464745ad74da30a34ffc0b239963
7d14a287bcf84b6e3af48dab47748c55a87de4c7beea08dab7a4b981a2d239b5
82be722e20f6ee8f24a99f64a5f42850f8223474a7aa3fa2607f0b5302bcc58c
86a7f2144f68b7a14477b9f12bfdb07d2faa00806514af96b8c231cae8f0daba
8872fa3ead9c0bd90da86f4e9e806602d9947c11ee2b814f5f4b1a9e30df7f9b
8d149a329797dca2c64cc456b5899418921bc117d0bd6c9d821334e4c9eeeee7
8efac7087552def0e358b8896dbbe43b7ffe2d961746cdc4aea60f7eed3e1384
9c5c51f3090d5c0270f510aa4711e2bbdd970c7ec5daceef8b9968fef21d8d05
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a231b219fd33beeca8baa0abecbb684d31fe0d154a25a092510d607a38637ea8
a39881eeb2cc948083b29f436b57600451670f1d10e390306af0693d2eb44f74
a843c5229104df453c410d81baf36ac6aed7b83041e9aa3c9c6772b44822a8de
ae70ba9d853be738348e1ecbf94db4aa29fa678b206fa2408c395054dcae0a60
b14701931e145ec735d777345c0ece29b81ffcd16d3faa1157e66b203422b42a
b4031084899a7c0885845cf787b510c82e81752d5d9783dcddf1ed20aa393f3b
c0f07bf782295d83ea915e730f84f1067d7c210e82d348c027a49fc76304a688
ccb2205c2f5c0645554285d00e09c7c419528a863fb7d58c05303cf68d1ef6f1
cd73a9c03b2addeef370e48eab5e3d4c3524860c3d2f8a225284df4097d48c01
cf1480a7d122b580c91c65091ca4ed1f0b1d045bc2ee8320fd94439f8810305f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e534e18a2a65d52f6a1c6c343ce57550d79eef87ffe5f30fd1755fa6c7a6a73a
e5e2c4c5288a46af5b587fe4b6ed5c881dfc8faaf4d76a08c5c2c5fcd74238b3
ec3e9a9679e6bc5370d928c0fe3b02dc5781e0ca5a7444b8ee02cd4426b32cc2
ee0d9ab4e5bcdfbea0d6bcc38d87c86bcc6da4a6c1787479e39c72b85f1b07f2
efe75cc12ae672a5e711598d3e93a509122b91cf60ae9acf17f349d54cb37a93
f7f6ae09f262d859115d44bf382406865cb31925ef5a15bd469f28b5c2651e87