www.bahn.de Open in urlscan Pro
104.111.219.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.proverda.alarmprofi.de/
Effective URL:
https://www.bahn.de/p/view/index.shtml
Submission: On April 08 via automatic, source certstream-suspicious (April 8th 2021, 9:13:38 am UTC)

Summary HTTP 46 Redirects Links 36 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 7 domains to perform 46 HTTP transactions. The main IP is 104.111.219.12, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.bahn.de.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 23rd 2021. Valid for: a year.

This is the only time www.bahn.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	85.13.128.121 85.13.128.121	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
1 32	104.111.219.12 104.111.219.12	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a0::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	35.181.18.61 35.181.18.61	16509 (AMAZON-02) (AMAZON-02)
3 4	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
2	37.157.2.247 37.157.2.247	198622 (ADFORM) (ADFORM)
1	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
2	2600:9000:201... 2600:9000:2016:7c00:1e:7aca:b8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	213.202.235.8 213.202.235.8	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	3.225.10.210 3.225.10.210	14618 (AMAZON-AES) (AMAZON-AES)
46	11

1 85.13.128.121 (Neusalza-Spremberg, Germany) 1 redirects

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd49714.kasserver.com

www.proverda.alarmprofi.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 104.111.219.12 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-12.deploy.static.akamaitechnologies.com

www.bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a0::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.181.18.61 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-18-61.eu-west-3.compute.amazonaws.com

st.bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.40 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.208.240 (United States)

ASN13335 (CLOUDFLARENET, US)

zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.23 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

a1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2016:7c00:1e:7aca:b8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.m-pathy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.202.235.8 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.10.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-10-210.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	bahn.de 1 redirects www.bahn.de st.bahn.de	1003 KB
9	adform.net 5 redirects dmp.adform.net s2.adform.net a1.adform.net	33 KB
3	exactag.com m.exactag.com	6 KB
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	155 KB
2	m-pathy.com cdn.m-pathy.com	22 KB
1	qualtrics.com zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com	18 KB
1	alarmprofi.de 1 redirects www.proverda.alarmprofi.de	93 B
46	7

	Domain	Requested by
32	www.bahn.de	1 redirects www.bahn.de
4	dmp.adform.net	3 redirects dmp.adform.net
3	m.exactag.com	www.bahn.de m.exactag.com
3	a1.adform.net	2 redirects www.bahn.de
2	errors.client.optimizely.com	cdn.optimizely.com
2	cdn.m-pathy.com	www.bahn.de cdn.m-pathy.com
2	s2.adform.net	www.bahn.de
2	st.bahn.de	www.bahn.de
1	zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com	www.bahn.de
1	cdn.optimizely.com	www.bahn.de
1	www.proverda.alarmprofi.de	1 redirects
46	11

This site contains links to these domains. Also see Links.

Domain
www.bahn.com
fahrkarten.bahn.de
www.db-gruppen.de
reiseauskunft.bahn.de
bauinfos.deutschebahn.com
www.der-kleine-ice.de
inside.bahn.de
ps.bahn.de
www.bundesregierung.de
www.facebook.com
twitter.com
www.instagram.com
youtube.com
community.bahn.de
www.deutschebahn.com
bahnshop.de

Subject Issuer	Validity	Valid
www.bahn.de DigiCert TLS RSA SHA256 2020 CA1	`2021-03-23` - `2022-04-06`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
st.bahn.de DigiCert SHA2 High Assurance Server CA	`2020-03-02` - `2021-06-09`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.qualtrics.com DigiCert SHA2 Secure Server CA	`2020-10-26` - `2021-11-26`	a year	crt.sh
*.m-pathy.com Amazon	`2020-12-31` - `2022-01-29`	a year	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2019-08-28` - `2021-09-13`	2 years	crt.sh
errors.client.optimizely.com Amazon	`2020-09-02` - `2021-10-02`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.bahn.de/p/view/index.shtml
Frame ID: 7C19594FC1B08361E5946CA1A0D049A1
Requests: 49 HTTP requests in this frame

Frame: https://m.exactag.com/pi.aspx?campaign=4bb3a5de3602f335b9ba113928205e62&pitype=Content&convtype=&rnd=sxhsiVEhNgG0&items=%7B%22type%22%3A%22Content%22%2C%22conversiontype%22%3A%22%22%2C%22referrer%22%3A%22%22%2C%22host%22%3A%22www.bahn.de%22%2C%22site%22%3A%22%2Fp%2Fview%2Findex.shtml%22%2C%22search%22%3A%22%22%2C%22protocol%22%3A%22https%3A%22%2C%22campaign%22%3A%224bb3a5de3602f335b9ba113928205e62%22%2C%22screensize%22%3A%22%22%2C%22pitype%22%3A%22%22%2C%22uk%22%3A%22%22%2C%22trackingURL%22%3A%22%2F%2Fm.exactag.com%22%2C%22cdnURL%22%3A%22%2F%2Fcdn.exactag.com%22%2C%22sitegroup%22%3A%22Startseite%22%2C%22category_name%22%3A%22BAHN_PVE_DEU_DE%22%2C%22page_name%22%3A%22BAHN_PVE_DEU_DE_index%22%2C%22engine%22%3A%22Web%22%7D
Frame ID: 865F834BC00C913D409ACEB803119E02
Requests: 1 HTTP requests in this frame

Frame: https://m.exactag.com/px.aspx?id=3ac4d2675386450b896023433fa69171
Frame ID: BBAA49DF9A2C6907F7327B6E6D2DB14D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.proverda.alarmprofi.de/ HTTP 301
https://www.bahn.de/ HTTP 301
https://www.bahn.de/p/view/index.shtml Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /optimizely\.com.*\.js/i

Page Statistics

46
Requests

100 %
HTTPS

18 %
IPv6

7
Domains

11
Subdomains

11
IPs

4
Countries

1234 kB
Transfer

3005 kB
Size

14
Cookies

36 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bahn.com/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://www.bahn.com/cs/view/index.shtml#slc
Title: Český

Search URL Search Domain Scan URL

URL: https://www.bahn.com/da/view/index.shtml#slc
Title: Dansk

Search URL Search Domain Scan URL

URL: https://www.bahn.com/en/view/index.shtml#slc
Title: English

Search URL Search Domain Scan URL

URL: https://www.bahn.com/es/view/index.shtml#slc
Title: Español

Search URL Search Domain Scan URL

URL: https://www.bahn.com/fr/view/index.shtml#slc
Title: Français

Search URL Search Domain Scan URL

URL: https://www.bahn.com/it/view/index.shtml#slc
Title: Italiano

Search URL Search Domain Scan URL

URL: https://www.bahn.com/nl/view/index.shtml#slc
Title: Nederlands

Search URL Search Domain Scan URL

URL: https://www.bahn.com/pl/view/index.shtml#slc
Title: Polski

Search URL Search Domain Scan URL

URL: https://fahrkarten.bahn.de/privatkunde/start/start.post?scope=meinebahn&lang=de&country=DEU&dbkanal_007=L01_S01_D001_KIN0004_TOP-NAVI-MEINE-BAHN_LZ01
Title: Meine Bahn

Search URL Search Domain Scan URL

URL: https://fahrkarten.bahn.de/cache/start/start.post?lang=de&scope=login&dbkanal_007=L01_S01_D001_KIN0004_TOP-NAVI-LOGIN_LZ01
Title: Login

Search URL Search Domain Scan URL

URL: https://fahrkarten.bahn.de/cache/start/start.post?scope=pwvergessen&lang=de
Title: Login-Daten vergessen?

Search URL Search Domain Scan URL

URL: https://fahrkarten.bahn.de/cache/start/start.post?scope=bahnreg&lang=de
Title: Erstmalig anmelden

Search URL Search Domain Scan URL

URL: https://fahrkarten.bahn.de/grosskunde/start/kmu_start.post?scope=pwvergessen&lang=de
Title: Login-Daten vergessen?

Search URL Search Domain Scan URL

URL: https://www.db-gruppen.de/klassenfahrten?dbkanal_007=L01_S01_D001_KIN_-ta-NAVIGATION-gruppenreisen-klassenfahrten_LZ01
Title: Klassenfahrten mit Übernachtung

Search URL Search Domain Scan URL

URL: https://www.db-gruppen.de/gruppenreisen?dbkanal_007=L01_S01_D001_KIN_-ta-NAVIGATION-gruppenreisen-mituebernachtung_LZ01
Title: Gruppenreisen mit Übernachtung

Search URL Search Domain Scan URL

URL: https://reiseauskunft.bahn.de/bin/bhftafel.exe/dn?dbkanal_007=L01_S01_D001_KIN0011_-_rs_auskunft_NAVIGATION-bahnhofstafel_LZ01
Title: Bahnhofstafel online

Search URL Search Domain Scan URL

URL: https://bauinfos.deutschebahn.com/?dbkanal_007=L01_S01_D001_KIN0011_-_rs_auskunft_NAVIGATION-bauinfos_LZ01
Title: Baustellen-Infos

Search URL Search Domain Scan URL

URL: https://www.der-kleine-ice.de/?dbkanal_007=L01_S01_D001_KIN0011_-_KINDER-NAVIGATION-der-kleine-ICE_LZ01
Title: Der kleine ICE

Search URL Search Domain Scan URL

URL: https://inside.bahn.de/tag/kinder/?dbkanal_007=L01_S01_D001_KIN0011_-_KINDER-NAVIGATION-Inside-Bahn_LZ01
Title: Inside Bahn

Search URL Search Domain Scan URL

URL: https://fahrkarten.bahn.de/privatkunde/start/start.post?scope=meinedateneinstellungen&lang=de&country=DEU
Title: Bearbeiten

Search URL Search Domain Scan URL

URL: http://reiseauskunft.bahn.de/bin/query.exe/dn?rit=yes
Title: Nur Sitzplatz (kein Ticket)

Search URL Search Domain Scan URL

URL: http://ps.bahn.de/preissuche/preissuche/psc_start.post
Title: Start oder Ziel außerhalb Deutschlands

Search URL Search Domain Scan URL

URL: http://reiseauskunft.bahn.de/bin/query.exe/dn?gruppenreise=1
Title: Zur Gruppen-Reiseauskunft

Search URL Search Domain Scan URL

URL: http://reiseauskunft.bahn.de/bin/bhftafel.exe/dn?dbkanal_007=L01_S01_D001_KIN0001_qf-puenktlichbhft_LZ03
Title: Bahnhofstafeln

Search URL Search Domain Scan URL

URL: https://fahrkarten.bahn.de/cache/start/start.post?scope=pwvergessen&lang=de&country=DEU&dbkanal_007=L01_S01_D001_KIN0001_qf-buchungenlogin-dv_LZ04
Title: Login-Daten vergessen?

Search URL Search Domain Scan URL

URL: https://www.bundesregierung.de/breg-de/themen/corona-warn-app?dbkanal_007=L01_S01_D001_KIN0001_ar5-startseitenauswertung-corona-app-NN_LZ01
Title: Laden Sie die Corona-Warn-App der Bundesregierung auf Ihr Smartphone und helfen Sie mit, Infektionsketten schnell aufzudecken. Mehr Informationen

Search URL Search Domain Scan URL

URL: https://inside.bahn.de/db-navigator-funktionen/?dbkanal_007=L01_S01_D001_KIN0058_STARTSEITENAUSWERTUNG-SOME-2021_navigator-neue-funktionen_LZ01
Title: App DB Navigator: Wir erklären Ihnen die neuen Funktionen. Jetzt auf inside.bahn.de lesen

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DBPersonenverkehr/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/db_bahn
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/dbpersonenverkehr/
Title:

Search URL Search Domain Scan URL

URL: https://youtube.com/dbbahn
Title:

Search URL Search Domain Scan URL

URL: https://inside.bahn.de/
Title:

Search URL Search Domain Scan URL

URL: https://community.bahn.de/
Title:

Search URL Search Domain Scan URL

URL: http://www.deutschebahn.com/?dbkanal_007=L01_S01_D001_KIN0001_footer-deutschebahn_LZ01
Title: Konzern

Search URL Search Domain Scan URL

URL: https://bahnshop.de/?dbkanal_007=L01_S01_D001_KIN0001_footer-bahnshop_LZ01
Title: Bahnshop

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.proverda.alarmprofi.de/ HTTP 301
https://www.bahn.de/ HTTP 301
https://www.bahn.de/p/view/index.shtml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://dmp.adform.net/audiencetag/adformat.js HTTP 301
https://s2.adform.net/banners/scripts/audiencetag/adformat.js

Request Chain 42

https://a1.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 48

https://a1.adform.net/Serving/TrackPoint/?pm=646062&ADFPageName=%7Bwww.bahn.de%7D%7C%7BBAHN_PVE_DEU_DE%7D%7C%7BBAHN_PVE_DEU_DE_index%7D&ADFdivider=%7C&ord=761754485813&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjkiOiJ7d3d3LmJhaG4uZGV9fHtCQUhOX1BWRV9ERVVfREV9fHtCQUhOX1BWRV9ERVVfREVfaW5kZXh9IiwiaXRtcyI6W3sic3RlcCI6MX1dfQ&loc=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Findex.shtml HTTP 302
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=646062&ADFPageName=%7Bwww.bahn.de%7D%7C%7BBAHN_PVE_DEU_DE%7D%7C%7BBAHN_PVE_DEU_DE_index%7D&ADFdivider=%7C&ord=761754485813&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjkiOiJ7d3d3LmJhaG4uZGV9fHtCQUhOX1BWRV9ERVVfREV9fHtCQUhOX1BWRV9ERVVfREVfaW5kZXh9IiwiaXRtcyI6W3sic3RlcCI6MX1dfQ&loc=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Findex.shtml

Request Chain 49

https://dmp.adform.net/serving/cookie/match/?party=1053 HTTP 302
https://dmp.adform.net/serving/cookie/match/?CC=1&party=1053 HTTP 302
https://m.exactag.com/cmatch.aspx?p=pradf&auk=1&puk=7931736839226163733&optin=1

46 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.shtml Show response
www.bahn.de/p/view/
Redirect Chain

https://www.proverda.alarmprofi.de/
https://www.bahn.de/
https://www.bahn.de/p/view/index.shtml

118 KB
20 KB

8ms
8ms

Document
text/html

104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

48a94a9abd05aaf6ce09b6e3021510ae06b9d1b59b48ffbaee1de3c13281d84d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.bahn.de
:scheme: https
:path: /p/view/index.shtml
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
date: Thu, 08 Apr 2021 09:13:20 GMT
content-length: 20087
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload

Redirect headers

content-type: text/html; charset=iso-8859-1
content-length: 246
server: Apache
x-sp: 1172
location: https://www.bahn.de/p/view/index.shtml
cache-control: max-age=600
date: Thu, 08 Apr 2021 09:13:20 GMT
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload

GET
H2 200 portal.min.css
www.bahn.de/common/view/static/17d0ec19/responsive/css/ 470 KB
98 KB 9ms
7ms Stylesheet
text/css 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/common/view/static/17d0ec19/responsive/css/portal.min.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

d71372dd18882e66275bcadb5e9b903427b3a7688ecc7506e3757109adf1378c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: 5B07DA2B7E00491D
vary: Accept-Encoding
content-length: 99833
x-amz-id-2: UFDhDqzW0XAi5wgs+8Ipfxw7p79X6dqHBEK1pRgvvqX1PCbn/UfBXXgRuioV8l9+qbJOMHk8Oy4=
last-modified: Thu, 25 Feb 2021 08:22:27 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "9bca5ca46e231edd158b990de6c60a49"
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges: bytes

GET
H2 200 softlogin.min.js Show response
www.bahn.de/common/view/static/17d0ec19/responsive/js/ 63 KB
19 KB 20ms
19ms Script
text/javascript 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/common/view/static/17d0ec19/responsive/js/softlogin.min.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

26ea31e0c6520a6f3e814e67b70d4e70dde85659b3f9184935d265f45bfb1931

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: 30AADFD22B6E16E2
vary: Accept-Encoding
content-length: 18289
x-amz-id-2: tJTqsVbj4UA0y5g4OgfEBhsW1Laqzv8BW0S8KvTjI1D6UtKh8o3/mzg61i5WNR1cVxt6c9Dda3Q=
last-modified: Thu, 25 Feb 2021 08:22:29 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "e05b454dfa1d1468d94e0f903a8099f6"
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-type: text/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges: bytes

GET
H2 200 8033263973.js Show response
cdn.optimizely.com/js/ 563 KB
155 KB 22ms
6ms Script
text/javascript 2a02:26f0:6c00:2a0::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/8033263973.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a0::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cac41a8d32214144110be9f37bc1801bc26aca6cf985c50f35a61abbd4c33ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: ek2vE.fnPLGxJ.jlrTDhJZg71GBLIKBG
content-encoding: gzip
etag: "53f98bea38c861cd4d2bcfdf2ead63da"
x-amz-request-id: 8WDM5ZAXJQVXGZ6V
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 20315
x-amz-replication-status: PENDING
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:6c00:2a0::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 157657
x-amz-id-2: /XdJsXTauoyeXtcZxFZrbxXKW+rki2CcAQZ8pAUU/axyrdfHmxGDi80y66NVCJ5hwFdxxWUVq6o=
last-modified: Thu, 08 Apr 2021 06:03:36 GMT
server: AmazonS3
date: Thu, 08 Apr 2021 09:13:20 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=1200
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 modernizr-2.8.3.min.js Show response
www.bahn.de/common/view/static/17d0ec19/js/lib/modernizr/ 11 KB
5 KB 21ms
21ms Script
text/javascript 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/common/view/static/17d0ec19/js/lib/modernizr/modernizr-2.8.3.min.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

2d47dd07cd116fce4a58ea5ce7aa349bf5904de7f30d69e131cf4f7be3b088d1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: C9E84342015F70CC
vary: Accept-Encoding
content-length: 4530
x-amz-id-2: 4ULxRKbmZ6mfpmDnGTphSQfcF7bjc3V1VJCrOuxhlHYjQ8tE0OI05XCmhSBysEwOrJ4QqJKdNZ8=
last-modified: Thu, 25 Feb 2021 08:22:26 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "e5e402607e45feccd78c4f49b96938c3"
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-type: text/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges: bytes

GET
H2 200 db_em_rgb_100px.svg
www.bahn.de/common/view/static/v8/img/ 828 B
1 KB 8ms
7ms Image
image/svg+xml 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bahn.de/common/view/static/v8/img/db_em_rgb_100px.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

da1617a9a8adfeacee06c6271bcc53eb9017109ad3e1125488d676190dc5affe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: E473378675AECC49
vary: Accept-Encoding
content-length: 480
x-amz-id-2: yACipGmwkeg4dGkBi6IqFtEHYE4tC43vxwA/mil8xuAtZBNVmBM2zepMSm2KzwQvzeyLHoYlj9Y=
last-modified: Sat, 19 May 2018 09:41:10 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "595cfbce732795e1d7cb8cbec1934345"
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges: bytes

GET
H2 200 mdb_327811_moodbild_980x230_fruehling_02_maerz_21_neu_980x230_hq.jpg
www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/mood_visuals/ 92 KB
93 KB 10ms
8ms Image
image/webp 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/mood_visuals/mdb_327811_moodbild_980x230_fruehling_02_maerz_21_neu_980x230_hq.jpg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

c45ec7d6fa76eea9c7242765d79910910af2d21b0207f36a5f55e0f458772b7a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 866
etag: "c5e3125d34677af0a07cdfbb43b1e0a4"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=1400289
last-modified: Thu, 25 Mar 2021 14:12:15 GMT
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 94530
x-xss-protection: 1; mode=block
server: Akamai Image Manager
expires: Sat, 24 Apr 2021 14:11:29 GMT

GET
H2 200 mdb_312645_angebotsrondell_800x400_corona_684x342_hq.jpg
www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/topangebote/ 31 KB
31 KB 12ms
10ms Image
image/webp 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/topangebote/mdb_312645_angebotsrondell_800x400_corona_684x342_hq.jpg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

3de4293ced3cf20f3246b699e05a1eab68d0841318a53cc0091c0687cbdb4d35

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 13 Oct 2020 10:56:08 GMT
server: Akamai Image Manager
etag: "59949a209502523750510fe82bdd396c"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=1302376
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 31358
x-xss-protection: 1; mode=block
expires: Fri, 23 Apr 2021 10:59:36 GMT

GET
H2 200 mdb_327904_visual_ice_980x300_980x300_hq.jpg
www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/visuals/2021/03_mrz/ 147 KB
148 KB 15ms
13ms Image
image/jpeg 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/visuals/2021/03_mrz/mdb_327904_visual_ice_980x300_980x300_hq.jpg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

1b721a6b96cccfb68f96b6daf7e23a88561f7df0571ed0a866fbb14b19843666

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 423
etag: "73112aad2ff7fa4f68512f85ae0ea7cd"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, no-transform, max-age=1432817
last-modified: Thu, 25 Mar 2021 23:14:22 GMT
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 150504
x-xss-protection: 1; mode=block
server: Akamai Image Manager
expires: Sat, 24 Apr 2021 23:13:37 GMT

GET
H2 200 mdb_304292_ticketsundangebote.svg
www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/teaser/navigation/ 1 KB
1 KB 18ms
14ms Image
image/svg+xml 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/teaser/navigation/mdb_304292_ticketsundangebote.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

c67e730af099eaee16e5c47b5f4a31155c438cdc2a80859e01b3d555097f2f4e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: F01D2B1A367FD472
vary: Accept-Encoding
content-length: 595
x-amz-id-2: /Wdeb8PT7O3EU5byAogTXWMo0vWXaCQNiq8yG3AHV4Ze+cmppbgs+FtA+eztTPxGpb1X7QuhyGk=
last-modified: Fri, 02 Oct 2020 12:11:33 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "ed41a1db57e168d3fb7f1f596aebad87"
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges: bytes

GET
H2 200 mdb_304291_reiseundservices.svg
www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/teaser/navigation/ 3 KB
2 KB 19ms
15ms Image
image/svg+xml 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/teaser/navigation/mdb_304291_reiseundservices.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

c9591e1e925cc078239c1ea6c33f6e980a42be082d0613262a69f3a485bdc987

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: 0N8R1XATBN6VCS1G
vary: Accept-Encoding
content-length: 1359
x-amz-id-2: E4XXZoBz1z7dXDMs2UfOO83k6GjtYF7GqYuc4T6xNvRM0vd9OyWCgZYtLNBc9yr1UpOUcqJZyfU=
last-modified: Fri, 02 Oct 2020 12:11:33 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "64822f542b73a0e1b64077de1a825426"
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges: bytes

GET
H2 200 mdb_304289_bahncard.svg
www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/teaser/navigation/ 2 KB
1 KB 19ms
16ms Image
image/svg+xml 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/teaser/navigation/mdb_304289_bahncard.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

d98f09c35fc6e692c518f35eafc85666e8806f308686bc3329741edf98991f3d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: 3A3AB3A0FB94235D
vary: Accept-Encoding
content-length: 767
x-amz-id-2: AXtAKfxnUk6kTvRJSjbbklKGStTEl9tNuDYRCwPaM2sGNsdXuwY132IG/Thf8RL3avBXfJufTbM=
last-modified: Fri, 02 Oct 2020 12:11:33 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "70493989eac961cd396f54d2156748d9"
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges: bytes

GET
H2 200 mdb_304290_geschaeftskunden.svg
www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/teaser/navigation/ 2 KB
2 KB 19ms
16ms Image
image/svg+xml 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/teaser/navigation/mdb_304290_geschaeftskunden.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

d87399eac77203044d8c37074a8738a3e7b7120ce216e865e688d67959d5664c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: 737DFE6EC5323549
vary: Accept-Encoding
content-length: 964
x-amz-id-2: O6pnqra1bKlo6IrNQ8O+MRGqg4CoSUvn2O1YOY//HBQU8c1GCB1KvUl4ICE/XDwuz0wpv3IzZJY=
last-modified: Fri, 02 Oct 2020 12:11:33 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "b23e3d313b66de449e7e16a63ef14f87"
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges: bytes

GET
H2 200 mdb_304523_piktogramm_urlaub_staedtereisen_280x140.svg
www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/teaser/navigation/ 2 KB
2 KB 20ms
17ms Image
image/svg+xml 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/teaser/navigation/mdb_304523_piktogramm_urlaub_staedtereisen_280x140.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

540989a36d927a48c17524c0f50c22903c92dd951a131931d7a80c6691a3bcfa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: CBA55C172A589288
vary: Accept-Encoding
content-length: 1039
x-amz-id-2: U3ItpRFMB1PfkYYHYWaBkyV0e6zagqJqbE+8A0UOcRHfrKIwegufNv4CliVKX49sDwkn/yDWfjs=
last-modified: Fri, 02 Oct 2020 12:11:33 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "9f99da195524878a7fd1730c1d3081a0"
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges: bytes

GET
H2 200 mdb_328299_20210114-shooting-2020-db-navigator-zug-ice-frau-smartphone_980x300_980x300_hq.jpg
www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/visuals/2021/04_april/ 32 KB
33 KB 20ms
17ms Image
image/webp 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/visuals/2021/04_april/mdb_328299_20210114-shooting-2020-db-navigator-zug-ice-frau-smartphone_980x300_980x300_hq.jpg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

5cc1b02abaf8edca559479faf02c91706033bd814b62ae257e7a64607b14c16a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 953
etag: "e5b06a111cd17895c2a3e55b21c10c84"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=2552176
last-modified: Wed, 07 Apr 2021 22:10:14 GMT
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 32648
x-xss-protection: 1; mode=block
server: Akamai Image Manager
expires: Fri, 07 May 2021 22:09:36 GMT

GET
H2 200 portal-index.min.js Show response
www.bahn.de/common/view/static/17d0ec19/responsive/js/ 329 KB
95 KB 9ms
8ms Script
text/javascript 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/common/view/static/17d0ec19/responsive/js/portal-index.min.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

0aa54241b0ad30cc3ea310597b7e8890ea5102c783d496852403061cf872f344

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: 14E1B4F8568C9126
vary: Accept-Encoding
content-length: 96192
x-amz-id-2: lOc5VwPvrNqW4Nx8Y/sTigt/JZodtTdEPxUXE880rb/1sbPYK1hPd42ItB+/kI4vCdoO4ZQ6Eq4=
last-modified: Thu, 25 Feb 2021 08:22:29 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "68c7f5e2e71a8776bef3f28eb4967702"
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-type: text/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges: bytes

GET
H2 200 s_code.min.js Show response
www.bahn.de/common/view/static/17d0ec19/js/lib/omniture/ 111 KB
38 KB 9ms
8ms Script
text/javascript 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/common/view/static/17d0ec19/js/lib/omniture/s_code.min.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

9bd75d01213161905c0278231326126f5066ae7753e9b492b999417e0c2cfbef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: 040A758539D3F3DA
vary: Accept-Encoding
content-length: 37926
x-amz-id-2: +Z7YXrv8OlDjab9hod56lWeeUIryIeg2Nv2bollbPhAAs4mssXwsY3Fw9otPUahugpF+dlFLRDA=
last-modified: Thu, 25 Feb 2021 08:22:26 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "c12f54903e3a0b802d70539124a34902"
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-type: text/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges: bytes

GET
H2 200 svg-sprites.svg
www.bahn.de/common/view/static/17d0ec19/responsive/img/ 324 KB
88 KB 21ms
19ms Other
image/svg+xml 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/common/view/static/17d0ec19/responsive/img/svg-sprites.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

57411817a143622eed003cea060d984b2762a4f8f59031aca3e31d41482bf81e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: CWESEGEJ7NBQAXCM
vary: Accept-Encoding
content-length: 89114
x-amz-id-2: l0r0yaVjIG74IkqEIGvC8TekUTZHxAVMeLSGkXlKP5uvlFAqznGGECTbOqd3bzqAJzo2vk5OUH8=
last-modified: Thu, 25 Feb 2021 08:22:29 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "5897c322752528b7f1b3c668589924bb"
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges: bytes

GET
H2 200 icon-s73bc5bf69c.png
www.bahn.de/common/view/static/17d0ec19/responsive/img/ 53 KB
54 KB 18ms
18ms Image
image/png 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bahn.de/common/view/static/17d0ec19/responsive/img/icon-s73bc5bf69c.png

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/common/view/static/17d0ec19/responsive/css/portal.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

a009bf98437ed2e896bfc56f9838b6ca83aac7f96989e971dbc6ad2ccc49b572

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/common/view/static/17d0ec19/responsive/css/portal.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 08:22:27 GMT
server: AmazonS3
x-amz-request-id: 867BD286121BD07F
etag: "aeea28ca3930a6dcf8000d07b505436f"
x-frame-options: SAMEORIGIN
x-amz-id-2: ZL2dzRtqG8UVDtvq8r1Ryq2eyO3DVJ6ZwoTRHF0Jar69HrIAA3ests6tBdTYOcjXO700DExlw58=
content-type: image/png
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
accept-ranges: bytes
content-length: 54236
x-xss-protection: 1; mode=block

GET
H2 200 dbsan06-webfont.woff
www.bahn.de/common/view/static/17d0ec19/responsive/fonts/ 48 KB
48 KB 8ms
7ms Font
binary/octet-stream 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/common/view/static/17d0ec19/responsive/fonts/dbsan06-webfont.woff

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/common/view/static/17d0ec19/responsive/css/portal.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

298669d559f331c5ac67d881d450cea831ca81576e88cb4663cc315dc91444c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.bahn.de
Referer: https://www.bahn.de/common/view/static/17d0ec19/responsive/css/portal.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 08:22:27 GMT
server: AmazonS3
x-amz-request-id: 7Q3JBX9T7N1V2Q2R
etag: "df5cd4cd4e41ddfaf7017f95765d6308"
x-frame-options: SAMEORIGIN
x-amz-id-2: pEdQ+DmZ60IlIqFJYgMCOZDAy6o4JYv4J7CGkZVjDn7kS9xEMx2DTtgz5QvOpEr9G+866Bwo4EA=
content-type: binary/octet-stream
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
accept-ranges: bytes
content-length: 48880
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 538 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdd715407bbcb2c0325bb1e1466715b9ec9dcd2e7e662e647fddf74d92ba4150

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 824 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e1a71dbeac14ad724fd5bf1f63d833a2cea06c7de8f9173b6d2a3bad0fbc7bf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd45e3a7a55ce6d15988606f79657a593097ac40f0d29bff151fdd10b0438b88

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1019 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5db9108016c62906c987c432fab8efb55a0c92425c9cace3793c536fa2aafcde

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90d765be61f3668f58a9fee31185882edaf07d31b79ef37e1305b23fd01d6aef

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff458e01b24643b5a0d6b8a21452f5a582ac28527a05c36aa0ff6f37c5186214

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 logo-sccc6c8d933.png
www.bahn.de/common/view/static/17d0ec19/responsive/img/ 92 KB
93 KB 8ms
8ms Image
image/png 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bahn.de/common/view/static/17d0ec19/responsive/img/logo-sccc6c8d933.png

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/common/view/static/17d0ec19/responsive/css/portal.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

fab0c6f26511c8bfe80effdca1e740eaaf413120c26b84d160ea19866b647e58

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/common/view/static/17d0ec19/responsive/css/portal.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 08:22:28 GMT
server: AmazonS3
x-amz-request-id: 902789C2D41876D1
etag: "3d419e48e4de23dc07c5f5dca4541cfd"
x-frame-options: SAMEORIGIN
x-amz-id-2: OOiwENtmtKM+fN7JO+wo81qK9zP/i6nnzzJcTkqSnKX4Thkb7jJtschd4x6zLD2ddOhjUeqJVAI=
content-type: image/png
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
accept-ranges: bytes
content-length: 94154
x-xss-protection: 1; mode=block

GET
H2 200 dbsan03-webfont.woff
www.bahn.de/common/view/static/17d0ec19/responsive/fonts/ 48 KB
48 KB 9ms
8ms Font
binary/octet-stream 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/common/view/static/17d0ec19/responsive/fonts/dbsan03-webfont.woff

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/common/view/static/17d0ec19/responsive/css/portal.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

a39881eeb2cc948083b29f436b57600451670f1d10e390306af0693d2eb44f74

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.bahn.de
Referer: https://www.bahn.de/common/view/static/17d0ec19/responsive/css/portal.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 08:22:27 GMT
server: AmazonS3
x-amz-request-id: 6CED31D403792FB6
etag: "ee22058781511177b60092028f12eea2"
x-frame-options: SAMEORIGIN
x-amz-id-2: BuHK+ZzBb7Qik22pzAPzdW+/HgbljLLllyPxKVIjSTb9Uh3tary7kVr6TUibR1/xyxHlEZM5lYM=
content-type: binary/octet-stream
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
accept-ranges: bytes
content-length: 48820
x-xss-protection: 1; mode=block

GET
H2 200 db-icons.woff
www.bahn.de/common/view/static/17d0ec19/responsive/fonts/ 29 KB
29 KB 9ms
9ms Font
binary/octet-stream 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/common/view/static/17d0ec19/responsive/fonts/db-icons.woff?de5f8900bd1b6298cc0ca94466418537

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/common/view/static/17d0ec19/responsive/css/portal.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

09cd6e2e4909e4ec15b7ca38adbff5b37405b4347b1ce0d7b977aee46b005377

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.bahn.de
Referer: https://www.bahn.de/common/view/static/17d0ec19/responsive/css/portal.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 08:22:27 GMT
server: AmazonS3
x-amz-request-id: CY7X8KEQ5H6KES7R
etag: "2ee679e77cd50b24e96de14b9e9f44fa"
x-frame-options: SAMEORIGIN
x-amz-id-2: exzL1hx3idvFkdG/Jqt5XAnf4Iq7cNoxGJLaddOca6kaeHQdXRdtDhJad1MphUOjaabDL+kbIls=
content-type: binary/octet-stream
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
accept-ranges: bytes
content-length: 29320
x-xss-protection: 1; mode=block

GET
H2 200 id Show response
st.bahn.de/ 48 B
508 B 81ms
18ms XHR
application/x-javascript 35.181.18.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://st.bahn.de/id?d_visid_ver=4.6.0&d_fieldgroup=A&mcorgid=5FA50A5953FB37E50A4C98BC%40AdobeOrg&mid=84802615848429933189177773631091100125&ts=1617873200744

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/common/view/static/17d0ec19/js/lib/omniture/s_code.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-181-18-61.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a25a4ce6176a949104c0fb6836469d4446dd0111802ac01af4d8b92a1a35170a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-fd4497967-btksm
vary: Origin
x-c: main-1451.Ibee288.M0-486
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.bahn.de
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H2 200 utag.js Show response
www.bahn.de/media/view/tms/ 51 KB
15 KB 18ms
17ms Script
text/javascript 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/media/view/tms/utag.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e43eed8bc914b815d6d0e574f6604bc8473e0f9d18bf0045499d5e20c7926510

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 14:08:28 GMT
server: Apache
etag: "cd68-5bd1b159e0f00"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 14672
x-xss-protection: 1; mode=block

GET
H2 200 getjson.pl Show response
www.bahn.de/pbin/ 103 KB
16 KB 55ms
54ms XHR
text/javascript 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/pbin/getjson.pl?name=nav_p&callback=jQuery1110013990816213431057_1617873200676&_=1617873200677

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/common/view/static/17d0ec19/responsive/js/portal-index.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

fcbbc55df19aeeee51bced26d10460860a7f113bc40d0485fcf101a849db81d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.bahn.de/p/view/index.shtml
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
date: Thu, 08 Apr 2021 09:13:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: max-age=180
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
content-length: 15450
x-xss-protection: 1; mode=block

GET
H2 200 s3257579828856
st.bahn.de/b/ss/dbbahnprod/1/JS-2.20.0/ 43 B
341 B 19ms
19ms Image
image/gif 35.181.18.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st.bahn.de/b/ss/dbbahnprod/1/JS-2.20.0/s3257579828856?AQB=1&ndh=1&pf=1&t=8%2F3%2F2021%2011%3A13%3A20%204%20-120&mid=84802615848429933189177773631091100125&ce=UTF-8&ns=deutschebahn&cdp=2&pageName=BAHN_PVE_DEU_DE_index&g=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Findex.shtml&c.&Rendering=Desktop&Orientierung=Landscape&page_info=0%7C0%2C0x0%2C0x0%2C0%2C&first_page_of_visit=true&load_time=3&.c&cc=EUR&ch=BAHN_PVE_DEU_DE&events=event45%2Cevent46&h1=PVE&c4=BAHN_PVE_DEU_DE&v4=BAHN_PVE_DEU_DE&c22=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Findex.shtml&v22=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Findex.shtml&c24=D%3DpageName&v24=D%3DpageName&c69=logout&v69=logout&v74=D%3DpageName&c75=D%3Dv75&v75=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Findex.shtml&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FA50A5953FB37E50A4C98BC%40AdobeOrg&AQE=1

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.181.18.61 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-181-18-61.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
x-content-type-options: nosniff
x-c: main-1451.Ibee288.M0-486
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 09 Apr 2021 09:13:20 GMT
server: jag
xserver: anedge-fd4497967-jhqk8
etag: 3474356242238603264-4622004309532798515
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 07 Apr 2021 09:13:20 GMT

GET
H2 200 utag.140.js Show response
www.bahn.de/media/view/tms/ 3 KB
2 KB 16ms
15ms Script
text/javascript 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/media/view/tms/utag.140.js?utv=ut4.46.202103091213

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8ec470e7fa45aa2bc36e1507281d56dedb4d4da845e0245cf6590f6d345ebcd4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 14:08:28 GMT
server: Apache
etag: "a82-5bd1b159e0f00"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1366
x-xss-protection: 1; mode=block

GET
H2 200 utag.85.js Show response
www.bahn.de/media/view/tms/ 3 KB
2 KB 18ms
17ms Script
text/javascript 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/media/view/tms/utag.85.js?utv=ut4.46.202103091213

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

11850f3f703a8a6c11e28c86fd97ad657ac67432ce1998305c2d2893693234da

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 14:08:28 GMT
server: Apache
etag: "a5f-5bd1b159e0f00"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1337
x-xss-protection: 1; mode=block

GET
H2 200 utag.74.js Show response
www.bahn.de/media/view/tms/ 2 KB
2 KB 23ms
22ms Script
text/javascript 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/media/view/tms/utag.74.js?utv=ut4.46.202103091213

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

4d1584c26e1c4386160cb5c9a6ef0510e2f52edd9165386b41feba41ec97e1c3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 14:08:28 GMT
server: Apache
etag: "8d2-5bd1b159e0f00"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1134
x-xss-protection: 1; mode=block

GET
H2 200 utag.138.js Show response
www.bahn.de/media/view/tms/ 4 KB
2 KB 23ms
22ms Script
text/javascript 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/media/view/tms/utag.138.js?utv=ut4.46.202103091213

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

bd6c45d79efce7787c36717ca452774cb25c6b11acd7f95136c78617d2f8a227

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 14:08:28 GMT
server: Apache
etag: "11fe-5bd1b159e0f00"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1969
x-xss-protection: 1; mode=block

GET
H2 200 utag.182.js Show response
www.bahn.de/media/view/tms/ 16 KB
4 KB 23ms
23ms Script
text/javascript 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/media/view/tms/utag.182.js?utv=ut4.46.202103091213

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a6ccbf69dd9766b1aa439eb5af555794f2551b3f1747b09bb9ddccc90f431c30

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 14:08:28 GMT
server: Apache
etag: "3fed-5bd1b159e0f00"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 3814
x-xss-protection: 1; mode=block

GET
H2 200 utag.183.js Show response
www.bahn.de/media/view/tms/ 16 KB
5 KB 24ms
23ms Script
text/javascript 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/media/view/tms/utag.183.js?utv=ut4.46.202103091213

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

4a4c7bf187382ec7af807936da98ea13c7e11da9ada1ec0618a059a0d3900d52

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 14:08:28 GMT
server: Apache
etag: "3f91-5bd1b159e0f00"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 4359
x-xss-protection: 1; mode=block

GET
H2

200

adformat.js Show response
s2.adform.net/banners/scripts/audiencetag/
Redirect Chain

https://dmp.adform.net/audiencetag/adformat.js
https://s2.adform.net/banners/scripts/audiencetag/adformat.js

4 KB
2 KB

65ms
20ms

Script
application/x-javascript

37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/audiencetag/adformat.js
Requested by: Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 554adcd95948f697337ae206814fa15f42e7bb63de8dbbc1c14096830a22814b

Request headers

Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:21 GMT
content-encoding: gzip
last-modified: Mon, 18 Jan 2021 10:39:24 GMT
server: nginx
etag: W/"6005655c-11e8"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/audiencetag/adformat.js
date: Thu, 08 Apr 2021 09:13:21 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H2 200 / Show response
zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com/SIE/ 60 KB
18 KB 60ms
33ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0lxkzEthotizcTX&Q_LOC=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Findex.shtml&t=1617873200986

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.85.js?utv=ut4.46.202103091213

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6db8dcd8ad7c171bff03eaeed4deda3bd77e42f385c43583ca0ae02f91a83275

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 537370
cf-polished: origSize=62663
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 09525aff770000c2f4a4b89000000001
cf-bgj: minify
server: cloudflare
x-powered-by: Express
etag: W/"f4c7-OBebFda/f6W0HmQVRy34Px9uYyM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
cf-ray: 63ca61125e7fc2f4-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 exactag.js Show response
www.bahn.de/media/view/tms/js/ 13 KB
6 KB 7ms
7ms Script
text/javascript 104.111.219.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/media/view/tms/js/exactag.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.219.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-219-12.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

6b693b7dadf0949d494f4ad8685ae70f74f20a33a32780ebfd5b0517fceae722

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 30 Nov 2020 11:38:42 GMT
server: Apache
etag: "321a-5b55173b87480"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 5428
x-xss-protection: 1; mode=block

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://a1.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

80 KB
28 KB

28ms
28ms

Script
application/x-javascript

37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bf0f3b28dae6ed0a62be43850fcc6b97bf90b6dcd7a4cda6e201b17adb517412

Request headers

Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:21 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 14:31:29 GMT
server: nginx
etag: W/"605b4d41-13e1b"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Thu, 08 Apr 2021 09:13:21 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H2 200 a2987.js Show response
cdn.m-pathy.com/js/ 24 KB
7 KB 49ms
15ms Script
application/javascript 2600:9000:2016:7c00:1e:7aca:b8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.m-pathy.com/js/a2987.js
Requested by: Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.74.js?utv=ut4.46.202103091213
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:7c00:1e:7aca:b8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e86a30c1984ff4283b00fa3120ea43a99e770a602915ef00cdc22f28d1295056

Request headers

Origin: https://www.bahn.de
Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 08:59:43 GMT
content-encoding: gzip
x-debug4: 9090
x-backend: serve_dynamic_ssl
age: 818
x-internal: 0
x-debug: serve_dynamic_ssl
x-debug2: debug
x-upstream: survey_dynamic
x-forward-proto: https
content-length: 6295
via: 1.1 3ef9a20d3fa6ab2cb9dbcc2f635621ce.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-scheme: https
x-direct-upstream: serve_dynamic_ssl
last-modified: Wed, 31 Mar 2021 12:45:19 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e5c-5bed47cc63469-gzip"
vary: Accept-Encoding
x-pool: serve_direct_default
x-force-direct: 0
access-control-allow-origin: *
cache-control: max-age=3600
x-debug3: apache.server
x-amz-cf-pop: HAM50-C2
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 8XN7pcVY7Qn1W2EhsGqBN-aapolJWS7R5pDi6jOVwSj_wHvUmgrgNA==
expires: Thu, 08 Apr 2021 09:59:43 GMT

GET
H/1.1 200
OK pi.aspx Show response
m.exactag.com/ Frame 865F 7 KB
4 KB 76ms
40ms Script
text/javascript 213.202.235.8
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.exactag.com/pi.aspx?campaign=4bb3a5de3602f335b9ba113928205e62&pitype=Content&convtype=&rnd=sxhsiVEhNgG0&items=%7B%22type%22%3A%22Content%22%2C%22conversiontype%22%3A%22%22%2C%22referrer%22%3A%22%22%2C%22host%22%3A%22www.bahn.de%22%2C%22site%22%3A%22%2Fp%2Fview%2Findex.shtml%22%2C%22search%22%3A%22%22%2C%22protocol%22%3A%22https%3A%22%2C%22campaign%22%3A%224bb3a5de3602f335b9ba113928205e62%22%2C%22screensize%22%3A%22%22%2C%22pitype%22%3A%22%22%2C%22uk%22%3A%22%22%2C%22trackingURL%22%3A%22%2F%2Fm.exactag.com%22%2C%22cdnURL%22%3A%22%2F%2Fcdn.exactag.com%22%2C%22sitegroup%22%3A%22Startseite%22%2C%22category_name%22%3A%22BAHN_PVE_DEU_DE%22%2C%22page_name%22%3A%22BAHN_PVE_DEU_DE_index%22%2C%22engine%22%3A%22Web%22%7D

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/js/exactag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.202.235.8 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

81392f64c1a395c6d48674104cc8f1dc0fe4d500ce7a73919f2a47f7efd4cea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Do, 08 Apr 2021 09:13:21 GMT
Server: Microsoft-IIS/8.5
Date: Thu, 08 Apr 2021 09:13:21 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://www.bahn.de
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-ET-Camp: 1053
Access-Control-Allow-Headers: *
Expires: -1

GET
H2 200 loader.js Show response
cdn.m-pathy.com/modules/4.22-179/ 42 KB
15 KB 16ms
16ms Script
application/javascript 2600:9000:2016:7c00:1e:7aca:b8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.m-pathy.com/modules/4.22-179/loader.js
Requested by: Host: cdn.m-pathy.com
URL: https://cdn.m-pathy.com/js/a2987.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:7c00:1e:7aca:b8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 66a0f2364c7ee7de56076aa9127aa362a68b26b5e01c868fde1f7bc8eb1f3c07

Request headers

Origin: https://www.bahn.de
Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 08:49:06 GMT
content-encoding: gzip
x-debug4: 9090
x-backend: serve_dynamic_ssl
age: 1455
x-internal: 0
x-debug: serve_dynamic_ssl
x-debug2: debug
x-upstream: survey_dynamic
x-forward-proto: https
content-length: 14458
via: 1.1 3ef9a20d3fa6ab2cb9dbcc2f635621ce.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-scheme: https
x-direct-upstream: serve_dynamic_ssl
last-modified: Thu, 04 Jun 2020 12:32:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "a692-5a74155c15640-gzip"
vary: Accept-Encoding
x-pool: serve_direct_default
x-force-direct: 0
access-control-allow-origin: *
cache-control: max-age=2419200
x-debug3: apache.server
x-amz-cf-pop: HAM50-C2
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-amz-cf-id: dTB1JPCeGmKeoXacnnl_TfzhzfuCbrQn7TfOd3Bkuhf4OMMzh45-2Q==
expires: Thu, 06 May 2021 08:49:06 GMT

GET
H/1.1 200
OK px.aspx Show response
m.exactag.com/ Frame BBAA 276 B
740 B 47ms
15ms Document
text/html 213.202.235.8
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.exactag.com/px.aspx?id=3ac4d2675386450b896023433fa69171

Requested by

Host: m.exactag.com
URL: https://m.exactag.com/pi.aspx?campaign=4bb3a5de3602f335b9ba113928205e62&pitype=Content&convtype=&rnd=sxhsiVEhNgG0&items=%7B%22type%22%3A%22Content%22%2C%22conversiontype%22%3A%22%22%2C%22referrer%22%3A%22%22%2C%22host%22%3A%22www.bahn.de%22%2C%22site%22%3A%22%2Fp%2Fview%2Findex.shtml%22%2C%22search%22%3A%22%22%2C%22protocol%22%3A%22https%3A%22%2C%22campaign%22%3A%224bb3a5de3602f335b9ba113928205e62%22%2C%22screensize%22%3A%22%22%2C%22pitype%22%3A%22%22%2C%22uk%22%3A%22%22%2C%22trackingURL%22%3A%22%2F%2Fm.exactag.com%22%2C%22cdnURL%22%3A%22%2F%2Fcdn.exactag.com%22%2C%22sitegroup%22%3A%22Startseite%22%2C%22category_name%22%3A%22BAHN_PVE_DEU_DE%22%2C%22page_name%22%3A%22BAHN_PVE_DEU_DE_index%22%2C%22engine%22%3A%22Web%22%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.202.235.8 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

bf69305acc75d6fa447712ed127c3d217c117678fb59ffe86b5ae52949d54384

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: m.exactag.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bahn.de/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: exactag_new_gk=8dbe583a1cf44707b29b5ed419e7e132%7c07.06.2021+09%3a13%3a21; exactag_new_uk=b97c5e9384404fd38b5d2ee87a5b2f48%7c; session_session=ed2c643ed97c4cdea25cc1a9; exactag_new_user=1053%7c2%7ced2c643ed97c4cdea25cc1a9%7c01.01.0001+00%3a00%3a00%7c08.04.2021+09%3a13%3a21%7ced2c643ed97c4cdea25cc1a9%7c68537%7c1753%7cFalse
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.bahn.de/

Response headers

Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-ET-Code: 0
X-ET-Camp: 1053
Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Thu, 08 Apr 2021 09:13:20 GMT
Connection: close
Content-Length: 346

GET
H2 200 cookiesegments Show response
dmp.adform.net/audiencetag/ 2 B
236 B 21ms
21ms XHR
application/json 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://dmp.adform.net/audiencetag/cookiesegments?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJBZGZvcm0uRE1QLkNsYWltczo6RGF0YVByb3ZpZGVycyI6IlsxMDU4MV0iLCJpc3MiOiJkbXAtYXBpLmFkZm9ybS5jb20iLCJhdWQiOiJhdWRpZW5jZV90YWdfY29uc3VtZXJfdjEiLCJleHAiOjE4NDY0NzkyOTksIm5iZiI6MTUzMTExOTIzOX0.FJQj3NEIHLPLagWbUeSDroGlMNqPApSp4JsfF5qhvxA

Requested by

Host: dmp.adform.net
URL: https://dmp.adform.net/audiencetag/adformat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 09:13:21 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bahn.de
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

/ Show response
a1.adform.net/Serving/TrackPoint/
Redirect Chain

https://a1.adform.net/Serving/TrackPoint/?pm=646062&ADFPageName=%7Bwww.bahn.de%7D%7C%7BBAHN_PVE_DEU_DE%7D%7C%7BBAHN_PVE_DEU_DE_index%7D&ADFdivider=%7C&ord=761754485813&Set1=en-US%7Cen-US%7C1600x120...
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=646062&ADFPageName=%7Bwww.bahn.de%7D%7C%7BBAHN_PVE_DEU_DE%7D%7C%7BBAHN_PVE_DEU_DE_index%7D&ADFdivider=%7C&ord=761754485813&Set1=en-US%7Cen-US%7C160...

155 B
623 B

24ms
23ms

Script
text/javascript

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=646062&ADFPageName=%7Bwww.bahn.de%7D%7C%7BBAHN_PVE_DEU_DE%7D%7C%7BBAHN_PVE_DEU_DE_index%7D&ADFdivider=%7C&ord=761754485813&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjkiOiJ7d3d3LmJhaG4uZGV9fHtCQUhOX1BWRV9ERVVfREV9fHtCQUhOX1BWRV9ERVVfREVfaW5kZXh9IiwiaXRtcyI6W3sic3RlcCI6MX1dfQ&loc=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Findex.shtml

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4fb7f5cbe9bc964af9d90911e29db84254705b475415a73f26939f4a289ad350

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Apr 2021 09:13:21 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 217
expires: -1

Redirect headers

pragma: no-cache
date: Thu, 08 Apr 2021 09:13:21 GMT
server: nginx
location: https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=646062&ADFPageName=%7Bwww.bahn.de%7D%7C%7BBAHN_PVE_DEU_DE%7D%7C%7BBAHN_PVE_DEU_DE_index%7D&ADFdivider=%7C&ord=761754485813&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjkiOiJ7d3d3LmJhaG4uZGV9fHtCQUhOX1BWRV9ERVVfREV9fHtCQUhOX1BWRV9ERVVfREVfaW5kZXh9IiwiaXRtcyI6W3sic3RlcCI6MX1dfQ&loc=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Findex.shtml
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H/1.1

200
OK

cmatch.aspx
m.exactag.com/ Frame BBAA
Redirect Chain

https://dmp.adform.net/serving/cookie/match/?party=1053
https://dmp.adform.net/serving/cookie/match/?CC=1&party=1053
https://m.exactag.com/cmatch.aspx?p=pradf&auk=1&puk=7931736839226163733&optin=1

43 B
907 B

53ms
20ms

Image
image/gif

213.202.235.8
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/cmatch.aspx?p=pradf&auk=1&puk=7931736839226163733&optin=1

Requested by

Host: m.exactag.com
URL: https://m.exactag.com/px.aspx?id=3ac4d2675386450b896023433fa69171

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.202.235.8 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://m.exactag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Do, 08 Apr 2021 09:13:21 GMT
Server: Microsoft-IIS/8.5
Date: Thu, 08 Apr 2021 09:13:21 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://m.exactag.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 0
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Apr 2021 09:13:21 GMT
server: nginx
location: https://m.exactag.com/cmatch.aspx?p=pradf&auk=1&puk=7931736839226163733&optin=1
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ Frame 0
0 413ms
103ms Preflight
text/plain 3.225.10.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Server: 3.225.10.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-10-210.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.bahn.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://www.bahn.de
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Content-Type: text/plain
Date: Thu, 08 Apr 2021 09:13:21 GMT
Content-Length: 13
Connection: keep-alive

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
237 B 103ms
102ms XHR
text/plain 3.225.10.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/8033263973.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.10.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-10-210.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://www.bahn.de
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Thu, 08 Apr 2021 09:13:21 GMT
Content-Type: text/plain

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
m.exactag.com/	1970-01-19 21:43:45	Name: exactag_new_uk Value: b97c5e9384404fd38b5d2ee87a5b2f48%7c%7c1%7cpradf%3d7931736839226163733
m.exactag.com/	1970-01-19 21:43:45	Name: exactag_new_user Value: 1053%7c2%7ced2c643ed97c4cdea25cc1a9%7c01.01.0001+00%3a00%3a00%7c08.04.2021+09%3a13%3a21%7ced2c643ed97c4cdea25cc1a9%7c68537%7c1753%7cFalse
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: ed2c643ed97c4cdea25cc1a9
.bahn.de/	1969-12-31 23:59:59	Name: AMCVS_5FA50A5953FB37E50A4C98BC%40AdobeOrg Value: 1
.bahn.de/	1969-12-31 23:59:59	Name: s_ppv Value: BAHN_PVE_DEU_DE_index%2C36%2C36%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.bahn.de/	1970-01-20 10:55:45	Name: s_ecid Value: MCMID%7C84802615848429933189177773631091100125
.bahn.de/	1970-01-20 10:55:45	Name: AMCV_5FA50A5953FB37E50A4C98BC%40AdobeOrg Value: -408604571%7CMCIDTS%7C18726%7CMCMID%7C84802615848429933189177773631091100125%7CMCAID%7CNONE%7CMCOPTOUT-1617880400s%7CNONE%7CvVersion%7C4.6.0
.bahn.de/	1970-01-19 19:34:09	Name: et_gk Value: 8dbe583a1cf44707b29b5ed419e7e132\|07.06.2021 09:13:21
.bahn.de/	1970-01-20 02:10:09	Name: utag_main Value: v_id:0178b0c1e72e0013c6f50daaa36400072002606a00b08$_sn:1$_se:1$_ss:1$_st:1617875000944$ses_id:1617873200944%3Bexp-session$_pn:1%3Bexp-session$ls:undefined%3Bexp-session
.bahn.de/	1969-12-31 23:59:59	Name: s_ppvl Value: BAHN_PVE_DEU_DE_index%2C36%2C36%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.bahn.de/	1970-01-19 21:43:45	Name: et_uk Value: b97c5e9384404fd38b5d2ee87a5b2f48
.bahn.de/	1969-12-31 23:59:59	Name: s_cc Value: true
.bahn.de/	1969-12-31 23:59:59	Name: sc_vis Value: true
m.exactag.com/	1970-01-19 19:34:09	Name: exactag_new_gk Value: 8dbe583a1cf44707b29b5ed419e7e132%7c07.06.2021+09%3a13%3a21

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1.adform.net
cdn.m-pathy.com
cdn.optimizely.com
dmp.adform.net
errors.client.optimizely.com
m.exactag.com
s2.adform.net
st.bahn.de
www.bahn.de
www.proverda.alarmprofi.de
zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com
104.111.219.12
104.17.208.240
213.202.235.8
2600:9000:2016:7c00:1e:7aca:b8c0:93a1
2a02:26f0:6c00:2a0::13b8
3.225.10.210
35.181.18.61
37.157.2.247
37.157.4.23
37.157.4.40
85.13.128.121
09cd6e2e4909e4ec15b7ca38adbff5b37405b4347b1ce0d7b977aee46b005377
0aa54241b0ad30cc3ea310597b7e8890ea5102c783d496852403061cf872f344
11850f3f703a8a6c11e28c86fd97ad657ac67432ce1998305c2d2893693234da
1b721a6b96cccfb68f96b6daf7e23a88561f7df0571ed0a866fbb14b19843666
26ea31e0c6520a6f3e814e67b70d4e70dde85659b3f9184935d265f45bfb1931
298669d559f331c5ac67d881d450cea831ca81576e88cb4663cc315dc91444c7
2d47dd07cd116fce4a58ea5ce7aa349bf5904de7f30d69e131cf4f7be3b088d1
3de4293ced3cf20f3246b699e05a1eab68d0841318a53cc0091c0687cbdb4d35
3e1a71dbeac14ad724fd5bf1f63d833a2cea06c7de8f9173b6d2a3bad0fbc7bf
48a94a9abd05aaf6ce09b6e3021510ae06b9d1b59b48ffbaee1de3c13281d84d
4a4c7bf187382ec7af807936da98ea13c7e11da9ada1ec0618a059a0d3900d52
4d1584c26e1c4386160cb5c9a6ef0510e2f52edd9165386b41feba41ec97e1c3
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fb7f5cbe9bc964af9d90911e29db84254705b475415a73f26939f4a289ad350
540989a36d927a48c17524c0f50c22903c92dd951a131931d7a80c6691a3bcfa
554adcd95948f697337ae206814fa15f42e7bb63de8dbbc1c14096830a22814b
57411817a143622eed003cea060d984b2762a4f8f59031aca3e31d41482bf81e
5cc1b02abaf8edca559479faf02c91706033bd814b62ae257e7a64607b14c16a
5db9108016c62906c987c432fab8efb55a0c92425c9cace3793c536fa2aafcde
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
66a0f2364c7ee7de56076aa9127aa362a68b26b5e01c868fde1f7bc8eb1f3c07
6b693b7dadf0949d494f4ad8685ae70f74f20a33a32780ebfd5b0517fceae722
6db8dcd8ad7c171bff03eaeed4deda3bd77e42f385c43583ca0ae02f91a83275
81392f64c1a395c6d48674104cc8f1dc0fe4d500ce7a73919f2a47f7efd4cea9
8ec470e7fa45aa2bc36e1507281d56dedb4d4da845e0245cf6590f6d345ebcd4
90d765be61f3668f58a9fee31185882edaf07d31b79ef37e1305b23fd01d6aef
9bd75d01213161905c0278231326126f5066ae7753e9b492b999417e0c2cfbef
a009bf98437ed2e896bfc56f9838b6ca83aac7f96989e971dbc6ad2ccc49b572
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a25a4ce6176a949104c0fb6836469d4446dd0111802ac01af4d8b92a1a35170a
a39881eeb2cc948083b29f436b57600451670f1d10e390306af0693d2eb44f74
a6ccbf69dd9766b1aa439eb5af555794f2551b3f1747b09bb9ddccc90f431c30
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
bd45e3a7a55ce6d15988606f79657a593097ac40f0d29bff151fdd10b0438b88
bd6c45d79efce7787c36717ca452774cb25c6b11acd7f95136c78617d2f8a227
bdd715407bbcb2c0325bb1e1466715b9ec9dcd2e7e662e647fddf74d92ba4150
bf0f3b28dae6ed0a62be43850fcc6b97bf90b6dcd7a4cda6e201b17adb517412
bf69305acc75d6fa447712ed127c3d217c117678fb59ffe86b5ae52949d54384
c45ec7d6fa76eea9c7242765d79910910af2d21b0207f36a5f55e0f458772b7a
c67e730af099eaee16e5c47b5f4a31155c438cdc2a80859e01b3d555097f2f4e
c9591e1e925cc078239c1ea6c33f6e980a42be082d0613262a69f3a485bdc987
cac41a8d32214144110be9f37bc1801bc26aca6cf985c50f35a61abbd4c33ad0
d71372dd18882e66275bcadb5e9b903427b3a7688ecc7506e3757109adf1378c
d87399eac77203044d8c37074a8738a3e7b7120ce216e865e688d67959d5664c
d98f09c35fc6e692c518f35eafc85666e8806f308686bc3329741edf98991f3d
da1617a9a8adfeacee06c6271bcc53eb9017109ad3e1125488d676190dc5affe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43eed8bc914b815d6d0e574f6604bc8473e0f9d18bf0045499d5e20c7926510
e86a30c1984ff4283b00fa3120ea43a99e770a602915ef00cdc22f28d1295056
fab0c6f26511c8bfe80effdca1e740eaaf413120c26b84d160ea19866b647e58
fcbbc55df19aeeee51bced26d10460860a7f113bc40d0485fcf101a849db81d3
ff458e01b24643b5a0d6b8a21452f5a582ac28527a05c36aa0ff6f37c5186214

www.bahn.de Open in urlscan Pro 104.111.219.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

100 %HTTPS

18 %IPv6

7 Domains

11 Subdomains

11 IPs

4 Countries

1234 kBTransfer

3005 kBSize

14 Cookies

36 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bahn.de Open in urlscan Pro
104.111.219.12 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

18 %
IPv6

7
Domains

11
Subdomains

11
IPs

4
Countries

1234 kB
Transfer

3005 kB
Size

14
Cookies

46 HTTP transactions
7 data transactions