www.bahn.de Open in urlscan Pro
184.24.27.201 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bahn.de/
Effective URL:
https://www.bahn.de/p/view/index.shtml
Submission: On March 23 via manual (March 23rd 2021, 10:08:37 pm UTC) from DE

Summary HTTP 46 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 6 domains to perform 46 HTTP transactions. The main IP is 184.24.27.201, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.bahn.de.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 23rd 2021. Valid for: a year.

This is the only time www.bahn.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.93.33.134 54.93.33.134	16509 (AMAZON-02) (AMAZON-02)
1 32	184.24.27.201 184.24.27.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:710... 2a02:26f0:7100:19a::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	15.237.136.106 15.237.136.106	16509 (AMAZON-02) (AMAZON-02)
4 6	37.157.2.238 37.157.2.238	198622 (ADFORM) (ADFORM)
2	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
1	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:206... 2600:9000:206f:9600:1e:7aca:b8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	85.14.248.71 85.14.248.71	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	3.225.10.210 3.225.10.210	14618 (AMAZON-AES) (AMAZON-AES)
46	10

1 54.93.33.134 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-33-134.eu-central-1.compute.amazonaws.com

bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 184.24.27.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-27-201.deploy.static.akamaitechnologies.com

www.bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:19a::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.237.136.106 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

st.bahn.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.2.238 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.209.240 (United States)

ASN13335 (CLOUDFLARENET, US)

zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:9600:1e:7aca:b8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.m-pathy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.14.248.71 (Krefeld, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.10.210 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-10-210.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	bahn.de 2 redirects bahn.de www.bahn.de st.bahn.de	931 KB
8	adform.net 4 redirects dmp.adform.net s2.adform.net a1.adform.net	33 KB
3	exactag.com m.exactag.com	6 KB
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	162 KB
2	m-pathy.com cdn.m-pathy.com	21 KB
1	qualtrics.com zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com	18 KB
46	6

	Domain	Requested by
32	www.bahn.de	1 redirects www.bahn.de
3	m.exactag.com	www.bahn.de m.exactag.com
3	a1.adform.net	2 redirects www.bahn.de
3	dmp.adform.net	2 redirects dmp.adform.net
2	errors.client.optimizely.com	cdn.optimizely.com
2	cdn.m-pathy.com	www.bahn.de cdn.m-pathy.com
2	s2.adform.net	www.bahn.de
2	st.bahn.de	www.bahn.de
1	zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com	www.bahn.de
1	cdn.optimizely.com	www.bahn.de
1	bahn.de	1 redirects
46	11

This site contains links to these domains. Also see Links.

Domain
www.bahn.com
fahrkarten.bahn.de
www.db-gruppen.de
reiseauskunft.bahn.de
bauinfos.deutschebahn.com
www.der-kleine-ice.de
inside.bahn.de
ps.bahn.de
www.bundesregierung.de
bahnbonus.bahncard.de
www.facebook.com
twitter.com
www.instagram.com
youtube.com
community.bahn.de
www.deutschebahn.com
bahnshop.de

Subject Issuer	Validity	Valid
www.bahn.de DigiCert TLS RSA SHA256 2020 CA1	`2021-03-23` - `2022-04-06`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
st.bahn.de DigiCert SHA2 High Assurance Server CA	`2020-03-02` - `2021-06-09`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.qualtrics.com DigiCert SHA2 Secure Server CA	`2020-10-26` - `2021-11-26`	a year	crt.sh
*.m-pathy.com Amazon	`2020-12-31` - `2022-01-29`	a year	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2019-08-28` - `2021-09-13`	2 years	crt.sh
errors.client.optimizely.com Amazon	`2020-09-02` - `2021-10-02`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.bahn.de/p/view/index.shtml
Frame ID: 049B39A57CBF22D3F98472F6099B4418
Requests: 49 HTTP requests in this frame

Frame: https://m.exactag.com/pi.aspx?campaign=4bb3a5de3602f335b9ba113928205e62&pitype=Content&convtype=&rnd=xl8JKtBxisDN&items=%7B%22type%22%3A%22Content%22%2C%22conversiontype%22%3A%22%22%2C%22referrer%22%3A%22%22%2C%22host%22%3A%22www.bahn.de%22%2C%22site%22%3A%22%2Fp%2Fview%2Findex.shtml%22%2C%22search%22%3A%22%22%2C%22protocol%22%3A%22https%3A%22%2C%22campaign%22%3A%224bb3a5de3602f335b9ba113928205e62%22%2C%22screensize%22%3A%22%22%2C%22pitype%22%3A%22%22%2C%22uk%22%3A%22%22%2C%22trackingURL%22%3A%22%2F%2Fm.exactag.com%22%2C%22cdnURL%22%3A%22%2F%2Fcdn.exactag.com%22%2C%22sitegroup%22%3A%22Startseite%22%2C%22category_name%22%3A%22BAHN_PVE_DEU_DE%22%2C%22page_name%22%3A%22BAHN_PVE_DEU_DE_index%22%2C%22engine%22%3A%22Web%22%7D
Frame ID: E3EF983E08BC891A33A0E1EFF85C6681
Requests: 1 HTTP requests in this frame

Frame: https://m.exactag.com/px.aspx?id=a88c3db2e2e747f9ae572fa82f5e7d2f
Frame ID: 7E92D71EF770E907100811EFEBE36B83
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bahn.de/ HTTP 301
https://www.bahn.de/ HTTP 301
https://www.bahn.de/p/view/index.shtml Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

46
Requests

100 %
HTTPS

20 %
IPv6

6
Domains

11
Subdomains

10
IPs

4
Countries

1169 kB
Transfer

2957 kB
Size

2
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bahn.com/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://www.bahn.com/cs/view/index.shtml#slc
Title: Český

Search URL Search Domain Scan URL

URL: https://www.bahn.com/da/view/index.shtml#slc
Title: Dansk

Search URL Search Domain Scan URL

URL: https://www.bahn.com/en/view/index.shtml#slc
Title: English

Search URL Search Domain Scan URL

URL: https://www.bahn.com/es/view/index.shtml#slc
Title: Español

Search URL Search Domain Scan URL

URL: https://www.bahn.com/fr/view/index.shtml#slc
Title: Français

Search URL Search Domain Scan URL

URL: https://www.bahn.com/it/view/index.shtml#slc
Title: Italiano

Search URL Search Domain Scan URL

URL: https://www.bahn.com/nl/view/index.shtml#slc
Title: Nederlands

Search URL Search Domain Scan URL

URL: https://www.bahn.com/pl/view/index.shtml#slc
Title: Polski

Search URL Search Domain Scan URL

URL: https://fahrkarten.bahn.de/privatkunde/start/start.post?scope=meinebahn&lang=de&country=DEU&dbkanal_007=L01_S01_D001_KIN0004_TOP-NAVI-MEINE-BAHN_LZ01
Title: Meine Bahn

Search URL Search Domain Scan URL

URL: https://fahrkarten.bahn.de/cache/start/start.post?lang=de&scope=login&dbkanal_007=L01_S01_D001_KIN0004_TOP-NAVI-LOGIN_LZ01
Title: Login

Search URL Search Domain Scan URL

URL: https://fahrkarten.bahn.de/cache/start/start.post?scope=pwvergessen&lang=de
Title: Login-Daten vergessen?

Search URL Search Domain Scan URL

URL: https://fahrkarten.bahn.de/cache/start/start.post?scope=bahnreg&lang=de
Title: Erstmalig anmelden

Search URL Search Domain Scan URL

URL: https://fahrkarten.bahn.de/grosskunde/start/kmu_start.post?scope=pwvergessen&lang=de
Title: Login-Daten vergessen?

Search URL Search Domain Scan URL

URL: https://www.db-gruppen.de/klassenfahrten?dbkanal_007=L01_S01_D001_KIN_-ta-NAVIGATION-gruppenreisen-klassenfahrten_LZ01
Title: Klassenfahrten mit Übernachtung

Search URL Search Domain Scan URL

URL: https://www.db-gruppen.de/gruppenreisen?dbkanal_007=L01_S01_D001_KIN_-ta-NAVIGATION-gruppenreisen-mituebernachtung_LZ01
Title: Gruppenreisen mit Übernachtung

Search URL Search Domain Scan URL

URL: https://reiseauskunft.bahn.de/bin/bhftafel.exe/dn?dbkanal_007=L01_S01_D001_KIN0011_-_rs_auskunft_NAVIGATION-bahnhofstafel_LZ01
Title: Bahnhofstafel online

Search URL Search Domain Scan URL

URL: https://bauinfos.deutschebahn.com/?dbkanal_007=L01_S01_D001_KIN0011_-_rs_auskunft_NAVIGATION-bauinfos_LZ01
Title: Baustellen-Infos

Search URL Search Domain Scan URL

URL: https://www.der-kleine-ice.de/?dbkanal_007=L01_S01_D001_KIN0011_-_KINDER-NAVIGATION-der-kleine-ICE_LZ01
Title: Der kleine ICE

Search URL Search Domain Scan URL

URL: https://inside.bahn.de/tag/kinder/?dbkanal_007=L01_S01_D001_KIN0011_-_KINDER-NAVIGATION-Inside-Bahn_LZ01
Title: Inside Bahn

Search URL Search Domain Scan URL

URL: https://fahrkarten.bahn.de/privatkunde/start/start.post?scope=meinedateneinstellungen&lang=de&country=DEU
Title: Bearbeiten

Search URL Search Domain Scan URL

URL: http://reiseauskunft.bahn.de/bin/query.exe/dn?rit=yes
Title: Nur Sitzplatz (kein Ticket)

Search URL Search Domain Scan URL

URL: http://ps.bahn.de/preissuche/preissuche/psc_start.post
Title: Start oder Ziel außerhalb Deutschlands

Search URL Search Domain Scan URL

URL: http://reiseauskunft.bahn.de/bin/query.exe/dn?gruppenreise=1
Title: Zur Gruppen-Reiseauskunft

Search URL Search Domain Scan URL

URL: http://reiseauskunft.bahn.de/bin/bhftafel.exe/dn?dbkanal_007=L01_S01_D001_KIN0001_qf-puenktlichbhft_LZ03
Title: Bahnhofstafeln

Search URL Search Domain Scan URL

URL: https://fahrkarten.bahn.de/cache/start/start.post?scope=pwvergessen&lang=de&country=DEU&dbkanal_007=L01_S01_D001_KIN0001_qf-buchungenlogin-dv_LZ04
Title: Login-Daten vergessen?

Search URL Search Domain Scan URL

URL: https://www.bundesregierung.de/breg-de/themen/corona-warn-app?dbkanal_007=L01_S01_D001_KIN0001_ar5-startseitenauswertung-corona-app-NN_LZ01
Title: Laden Sie die Corona-Warn-App der Bundesregierung auf Ihr Smartphone und helfen Sie mit, Infektionsketten schnell aufzudecken. Mehr Informationen

Search URL Search Domain Scan URL

URL: https://bahnbonus.bahncard.de/bahnbonus-eiersuche?dbkanal_007=L01_S01_D001_KIN0001_kv4-startseitenauswertung-bahnbonus-ostergewinnspiel-FV_LZ01
Title: Ostern wird gepunktet: Über 1,6 Mio. BahnBonus Punkte gewinnen! Jetzt mitmachen

Search URL Search Domain Scan URL

URL: https://inside.bahn.de/innovationen-s-bahn-stuttgart/?dbkanal_007=L01_S01_D001_KIN0058_STARTSEITENAUSWERTUNG-SOME-2021_s-bahn-stuttgart_LZ01
Title: So innovativ ist die S-Bahn Stuttgart. Jetzt auf inside.bahn.de lesen

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DBPersonenverkehr/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/db_bahn
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/dbpersonenverkehr/
Title:

Search URL Search Domain Scan URL

URL: https://youtube.com/dbbahn
Title:

Search URL Search Domain Scan URL

URL: https://inside.bahn.de/
Title:

Search URL Search Domain Scan URL

URL: https://community.bahn.de/
Title:

Search URL Search Domain Scan URL

URL: http://www.deutschebahn.com/?dbkanal_007=L01_S01_D001_KIN0001_footer-deutschebahn_LZ01
Title: Konzern

Search URL Search Domain Scan URL

URL: https://bahnshop.de/?dbkanal_007=L01_S01_D001_KIN0001_footer-bahnshop_LZ01
Title: Bahnshop

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bahn.de/ HTTP 301
https://www.bahn.de/ HTTP 301
https://www.bahn.de/p/view/index.shtml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://dmp.adform.net/audiencetag/adformat.js HTTP 301
https://s2.adform.net/banners/scripts/audiencetag/adformat.js

Request Chain 43

https://a1.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 47

https://a1.adform.net/Serving/TrackPoint/?pm=646062&ADFPageName=%7Bwww.bahn.de%7D%7C%7BBAHN_PVE_DEU_DE%7D%7C%7BBAHN_PVE_DEU_DE_index%7D&ADFdivider=%7C&ord=962417812954&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjkiOiJ7d3d3LmJhaG4uZGV9fHtCQUhOX1BWRV9ERVVfREV9fHtCQUhOX1BWRV9ERVVfREVfaW5kZXh9IiwiaXRtcyI6W3sic3RlcCI6MX1dfQ&loc=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Findex.shtml HTTP 302
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=646062&ADFPageName=%7Bwww.bahn.de%7D%7C%7BBAHN_PVE_DEU_DE%7D%7C%7BBAHN_PVE_DEU_DE_index%7D&ADFdivider=%7C&ord=962417812954&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjkiOiJ7d3d3LmJhaG4uZGV9fHtCQUhOX1BWRV9ERVVfREV9fHtCQUhOX1BWRV9ERVVfREVfaW5kZXh9IiwiaXRtcyI6W3sic3RlcCI6MX1dfQ&loc=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Findex.shtml

Request Chain 49

https://dmp.adform.net/serving/cookie/match/?party=1053 HTTP 302
https://m.exactag.com/cmatch.aspx?p=pradf&auk=1&puk=5515368193953809632&optin=1

46 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.shtml Show response
www.bahn.de/p/view/
Redirect Chain

http://bahn.de/
https://www.bahn.de/
https://www.bahn.de/p/view/index.shtml

118 KB
20 KB

32ms
31ms

Document
text/html

184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8f5f27cf78c2017bdd4a2d791032f85512546826b42ecb0f6c1e2500b3c43f76

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.bahn.de
:scheme: https
:path: /p/view/index.shtml
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
date: Tue, 23 Mar 2021 22:07:58 GMT
content-length: 20143
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload

Redirect headers

content-type: text/html; charset=iso-8859-1
content-length: 246
server: Apache
x-sp: 1172
location: https://www.bahn.de/p/view/index.shtml
cache-control: max-age=600
date: Tue, 23 Mar 2021 22:07:58 GMT
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload

GET
H2 200 portal.min.css
www.bahn.de/common/view/static/17d0ec19/responsive/css/ 470 KB
98 KB 33ms
32ms Stylesheet
text/css 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/common/view/static/17d0ec19/responsive/css/portal.min.css

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

d71372dd18882e66275bcadb5e9b903427b3a7688ecc7506e3757109adf1378c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: E8EE20F121ED9BA1
vary: Accept-Encoding
content-length: 99833
x-amz-id-2: c5t3dBf6Q/RSvBobkJZGvy2jmx0hwKBblgBvAn/7eN/3H9FDpG67cU+slUa/fHWA9Be6bJJafmk=
last-modified: Thu, 25 Feb 2021 08:22:27 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "9bca5ca46e231edd158b990de6c60a49"
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges: bytes

GET
H2 200 softlogin.min.js Show response
www.bahn.de/common/view/static/17d0ec19/responsive/js/ 63 KB
19 KB 66ms
65ms Script
text/javascript 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/common/view/static/17d0ec19/responsive/js/softlogin.min.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

26ea31e0c6520a6f3e814e67b70d4e70dde85659b3f9184935d265f45bfb1931

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: 590EDEDD93285929
vary: Accept-Encoding
content-length: 18289
x-amz-id-2: OHjNgKOEmokB0Jh9Pn0NlEXnrhFJVPvitSDFBwia8724EOb+Yw6w/62LzkeKSqDqA2aDF5KuW0I=
last-modified: Thu, 25 Feb 2021 08:22:29 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "e05b454dfa1d1468d94e0f903a8099f6"
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-type: text/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges: bytes

GET
H2 200 8033263973.js Show response
cdn.optimizely.com/js/ 588 KB
162 KB 29ms
9ms Script
text/javascript 2a02:26f0:7100:19a::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/8033263973.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:19a::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

562ca1f7745809690f08fb48b5a9e411614e1c953c89c8b9b80c81fb887d9710

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: 7CmEu_BW48atOLVxK02wgyK6_2pp9UnV
content-encoding: gzip
etag: "e03ecfbacf8f498069d3017fc92803cb"
x-amz-request-id: V5S7RRWZMA2ZHD45
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 20162
x-amz-replication-status: PENDING
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:7100:19a::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 164515
x-amz-id-2: C7Rq9c5hgklQHrj5hSlqtyHvDp7BhifW84+Bx+gWgbgWj7PAABvlRfoVhTw0NUABozOC6c+4IvY=
last-modified: Tue, 23 Mar 2021 13:57:31 GMT
server: AmazonS3
date: Tue, 23 Mar 2021 22:07:58 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=1200
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 modernizr-2.8.3.min.js Show response
www.bahn.de/common/view/static/17d0ec19/js/lib/modernizr/ 11 KB
5 KB 67ms
66ms Script
text/javascript 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/common/view/static/17d0ec19/js/lib/modernizr/modernizr-2.8.3.min.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

2d47dd07cd116fce4a58ea5ce7aa349bf5904de7f30d69e131cf4f7be3b088d1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: 2EE80B24ABBD92BB
vary: Accept-Encoding
content-length: 4530
x-amz-id-2: 7LX+GyXkRrIAxoR6bY/d1esMa//1PayIgBP6WoghDAX02Pd9p19wSRzO2pwzGBRGSFCL5R9bMjQ=
last-modified: Thu, 25 Feb 2021 08:22:26 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "e5e402607e45feccd78c4f49b96938c3"
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-type: text/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges: bytes

GET
H2 200 db_em_rgb_100px.svg
www.bahn.de/common/view/static/v8/img/ 828 B
1 KB 36ms
33ms Image
image/svg+xml 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bahn.de/common/view/static/v8/img/db_em_rgb_100px.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

da1617a9a8adfeacee06c6271bcc53eb9017109ad3e1125488d676190dc5affe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: 36E07D5BB7B8C383
vary: Accept-Encoding
content-length: 480
x-amz-id-2: u073/xlec7dUe2hWPaqLsi6cz6Dg95BLW36zrS4IhUtpJnqHuV5ynaB/UdN1DCpCquvqHkNVAyg=
last-modified: Sat, 19 May 2018 09:41:10 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "595cfbce732795e1d7cb8cbec1934345"
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges: bytes

GET
H2 200 mdb_326709_moodbild_980x230_2021-02-11_v02_980x230_hq.jpg
www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/mood_visuals/ 76 KB
77 KB 36ms
34ms Image
image/webp 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/mood_visuals/mdb_326709_moodbild_980x230_2021-02-11_v02_980x230_hq.jpg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

4b9f508f69d7137fe6f715d9e82a9f3797f8a0ca687580f92d0928b3c4f746e6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 1074
etag: "e02f7ece1a7826f3da5b9c93d7d5c420"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=1436548
last-modified: Thu, 11 Feb 2021 13:10:14 GMT
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 78122
x-xss-protection: 1; mode=block
server: Akamai Image Manager
expires: Fri, 09 Apr 2021 13:10:26 GMT

GET
H2 200 mdb_312645_angebotsrondell_800x400_corona_684x342_hq.jpg
www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/topangebote/ 31 KB
31 KB 41ms
38ms Image
image/webp 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/topangebote/mdb_312645_angebotsrondell_800x400_corona_684x342_hq.jpg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

3de4293ced3cf20f3246b699e05a1eab68d0841318a53cc0091c0687cbdb4d35

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 13 Oct 2020 10:56:08 GMT
server: Akamai Image Manager
etag: "59949a209502523750510fe82bdd396c"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=305468
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 31358
x-xss-protection: 1; mode=block
expires: Sat, 27 Mar 2021 10:59:06 GMT

GET
H2 200 mdb_326915_db-mobil_maerz_visual_980x300_980x300_hq.jpg
www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/visuals/2021/03_mrz/ 42 KB
43 KB 43ms
40ms Image
image/webp 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/visuals/2021/03_mrz/mdb_326915_db-mobil_maerz_visual_980x300_980x300_hq.jpg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

691d5a9ece018476a7b7ee1a64412073bbfe448b9d5f8bd6e0fb1a22ad097ba1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 23:10:47 GMT
server: Akamai Image Manager
etag: "fd6e2ba1a79c7a18e070821390b78db2"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=349428
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 43280
x-xss-protection: 1; mode=block
expires: Sat, 27 Mar 2021 23:11:46 GMT

GET
H2 200 mdb_304292_ticketsundangebote.svg
www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/teaser/navigation/ 1 KB
1 KB 45ms
42ms Image
image/svg+xml 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/teaser/navigation/mdb_304292_ticketsundangebote.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

c67e730af099eaee16e5c47b5f4a31155c438cdc2a80859e01b3d555097f2f4e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: 3237ADF71BB5164E
vary: Accept-Encoding
content-length: 595
x-amz-id-2: pHNUh0LFtj+f5lg2t8+l3HtQs1ZUnJ1MJTgklxfx5Ndb1TX28IC2JH0ZCngFZvfwaywAr2uan1A=
last-modified: Fri, 02 Oct 2020 12:11:33 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "ed41a1db57e168d3fb7f1f596aebad87"
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges: bytes

GET
H2 200 mdb_304291_reiseundservices.svg
www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/teaser/navigation/ 3 KB
2 KB 45ms
43ms Image
image/svg+xml 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/teaser/navigation/mdb_304291_reiseundservices.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

c9591e1e925cc078239c1ea6c33f6e980a42be082d0613262a69f3a485bdc987

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: 97D4176E026DF2A5
vary: Accept-Encoding
content-length: 1359
x-amz-id-2: ZkAeh5VT+DSr9/6QIsKSMMP9Yyg/cYVPTw0mDI1Ter09mphFnLd0vODZVzHd7egxeuQT/CinpU8=
last-modified: Fri, 02 Oct 2020 12:11:33 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "64822f542b73a0e1b64077de1a825426"
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges: bytes

GET
H2 200 mdb_304289_bahncard.svg
www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/teaser/navigation/ 2 KB
1 KB 45ms
43ms Image
image/svg+xml 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/teaser/navigation/mdb_304289_bahncard.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

d98f09c35fc6e692c518f35eafc85666e8806f308686bc3329741edf98991f3d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: DAD23281702E7C77
vary: Accept-Encoding
content-length: 767
x-amz-id-2: TRuYsa+qch+c2en4OKYgdLQnRP2mpACyofJtVHuLFpUPzOdtXVWmG6GYXtIUZ1c6kUe/NiyoDJM=
last-modified: Fri, 02 Oct 2020 12:11:33 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "70493989eac961cd396f54d2156748d9"
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges: bytes

GET
H2 200 mdb_304290_geschaeftskunden.svg
www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/teaser/navigation/ 2 KB
2 KB 45ms
44ms Image
image/svg+xml 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/teaser/navigation/mdb_304290_geschaeftskunden.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

d87399eac77203044d8c37074a8738a3e7b7120ce216e865e688d67959d5664c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: BE14A3855B57AC2C
vary: Accept-Encoding
content-length: 964
x-amz-id-2: x2WtoX+e0MMqdeDaauotKPdyKNDobmf4Jw4y4X4FXPRKnpr7LXfhwsF9+yOeiE3647DhZi17IEs=
last-modified: Fri, 02 Oct 2020 12:11:33 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "b23e3d313b66de449e7e16a63ef14f87"
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges: bytes

GET
H2 200 mdb_304523_piktogramm_urlaub_staedtereisen_280x140.svg
www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/teaser/navigation/ 2 KB
2 KB 46ms
44ms Image
image/svg+xml 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/teaser/navigation/mdb_304523_piktogramm_urlaub_staedtereisen_280x140.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

540989a36d927a48c17524c0f50c22903c92dd951a131931d7a80c6691a3bcfa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: 936FE830A879B7AF
vary: Accept-Encoding
content-length: 1039
x-amz-id-2: d6sVSDIa6owLZZ5FXGbSADxKSzBPTwNAZrBRKCtbTHbZGwFsJY+jy2Ov3buncDJd1QwuhHuch7E=
last-modified: Fri, 02 Oct 2020 12:11:33 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "9f99da195524878a7fd1730c1d3081a0"
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges: bytes

GET
H2 200 mdb_327728_br_423_023_redesign-dominik_schleuter_980x300_980x300_hq.jpg
www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/visuals/2021/03_mrz/ 81 KB
82 KB 46ms
44ms Image
image/webp 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bahn.de/p/view/mdb/bahnintern/startseite/startseite2015/visuals/2021/03_mrz/mdb_327728_br_423_023_redesign-dominik_schleuter_980x300_980x300_hq.jpg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

c6525a87b4d9ce2f4a765f707666f92e28a59e2ab50bf2777d1554c48f52e257

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 23:10:38 GMT
server: Akamai Image Manager
etag: "746e47f098c0cca568e8ac55c20c3c1b"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, no-transform, max-age=2077373
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 83282
x-xss-protection: 1; mode=block
expires: Fri, 16 Apr 2021 23:10:51 GMT

GET
H2 200 portal-index.min.js Show response
www.bahn.de/common/view/static/17d0ec19/responsive/js/ 329 KB
95 KB 32ms
32ms Script
text/javascript 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/common/view/static/17d0ec19/responsive/js/portal-index.min.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

0aa54241b0ad30cc3ea310597b7e8890ea5102c783d496852403061cf872f344

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: DV4W2H7MEQBHAM1M
vary: Accept-Encoding
content-length: 96192
x-amz-id-2: Uq9HJnKCs5HO+QjeSXMvj7KnylGtDSjI3MJ52I36kgTMSTrVs6M6fA3V02SFvuBICUHVCF/e6Zw=
last-modified: Thu, 25 Feb 2021 08:22:29 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "68c7f5e2e71a8776bef3f28eb4967702"
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-type: text/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges: bytes

GET
H2 200 s_code.min.js Show response
www.bahn.de/common/view/static/17d0ec19/js/lib/omniture/ 111 KB
38 KB 40ms
39ms Script
text/javascript 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/common/view/static/17d0ec19/js/lib/omniture/s_code.min.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

9bd75d01213161905c0278231326126f5066ae7753e9b492b999417e0c2cfbef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: 33F7E459CD5C9256
vary: Accept-Encoding
content-length: 37926
x-amz-id-2: KrH2JZL8e1fehSBoz0hnomjEJHIGDMKkPS6NBJdLj0lCjwjM0nLNb6biuZ4D8HP6IZTkq3E74Hk=
last-modified: Thu, 25 Feb 2021 08:22:26 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "c12f54903e3a0b802d70539124a34902"
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-type: text/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges: bytes

GET
H2 200 svg-sprites.svg
www.bahn.de/common/view/static/17d0ec19/responsive/img/ 324 KB
88 KB 51ms
49ms Other
image/svg+xml 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/common/view/static/17d0ec19/responsive/img/svg-sprites.svg

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

57411817a143622eed003cea060d984b2762a4f8f59031aca3e31d41482bf81e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: 4EC0077E03528627
vary: Accept-Encoding
content-length: 89114
x-amz-id-2: A2SAi//eEbR3RppSwrm3GhDUJzJUfvk0+hDSUO3+aFu6wXb6Z8DVMKnCWlFtE6ODVJhTI6gSJXo=
last-modified: Thu, 25 Feb 2021 08:22:29 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "5897c322752528b7f1b3c668589924bb"
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges: bytes

GET
H2 200 icon-s73bc5bf69c.png
www.bahn.de/common/view/static/17d0ec19/responsive/img/ 53 KB
54 KB 51ms
50ms Image
image/png 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bahn.de/common/view/static/17d0ec19/responsive/img/icon-s73bc5bf69c.png

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/common/view/static/17d0ec19/responsive/css/portal.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

a009bf98437ed2e896bfc56f9838b6ca83aac7f96989e971dbc6ad2ccc49b572

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/common/view/static/17d0ec19/responsive/css/portal.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 08:22:27 GMT
server: AmazonS3
x-amz-request-id: 42285B1D033567BB
etag: "aeea28ca3930a6dcf8000d07b505436f"
x-frame-options: SAMEORIGIN
x-amz-id-2: fZJIHDtahVP0pVuAOrBN+oXV1lRrl03mUBrHOB/Py4Dp4gyhJBdyrKORqzuhisHcWxs2UJkouX0=
content-type: image/png
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
accept-ranges: bytes
content-length: 54236
x-xss-protection: 1; mode=block

GET
H2 200 dbsan06-webfont.woff
www.bahn.de/common/view/static/17d0ec19/responsive/fonts/ 48 KB
48 KB 42ms
41ms Font
binary/octet-stream 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/common/view/static/17d0ec19/responsive/fonts/dbsan06-webfont.woff

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/common/view/static/17d0ec19/responsive/css/portal.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

298669d559f331c5ac67d881d450cea831ca81576e88cb4663cc315dc91444c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.bahn.de
Referer: https://www.bahn.de/common/view/static/17d0ec19/responsive/css/portal.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 08:22:27 GMT
server: AmazonS3
x-amz-request-id: EC821F304BD3F5A3
etag: "df5cd4cd4e41ddfaf7017f95765d6308"
x-frame-options: SAMEORIGIN
x-amz-id-2: nIXL9Rf3Q34EO6hqnKRpKhOMST0/WV6QmHmdMz0FMo9QnOJmDYQaiU21tgus+qogmzbLwrqILt0=
content-type: binary/octet-stream
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
accept-ranges: bytes
content-length: 48880
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 538 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdd715407bbcb2c0325bb1e1466715b9ec9dcd2e7e662e647fddf74d92ba4150

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 824 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e1a71dbeac14ad724fd5bf1f63d833a2cea06c7de8f9173b6d2a3bad0fbc7bf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd45e3a7a55ce6d15988606f79657a593097ac40f0d29bff151fdd10b0438b88

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1019 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5db9108016c62906c987c432fab8efb55a0c92425c9cace3793c536fa2aafcde

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90d765be61f3668f58a9fee31185882edaf07d31b79ef37e1305b23fd01d6aef

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff458e01b24643b5a0d6b8a21452f5a582ac28527a05c36aa0ff6f37c5186214

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 logo-sccc6c8d933.png
www.bahn.de/common/view/static/17d0ec19/responsive/img/ 92 KB
93 KB 38ms
38ms Image
image/png 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bahn.de/common/view/static/17d0ec19/responsive/img/logo-sccc6c8d933.png

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/common/view/static/17d0ec19/responsive/css/portal.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

fab0c6f26511c8bfe80effdca1e740eaaf413120c26b84d160ea19866b647e58

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/common/view/static/17d0ec19/responsive/css/portal.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 08:22:28 GMT
server: AmazonS3
x-amz-request-id: 0F1C1C64AAFD7E18
etag: "3d419e48e4de23dc07c5f5dca4541cfd"
x-frame-options: SAMEORIGIN
x-amz-id-2: wam8rAG6xirC98QtN0/D1YRt2hB2ucpQemVxnR9QTpQ8TO5keiTdqieLAf6mt5QLKgR9a0KtB9I=
content-type: image/png
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
accept-ranges: bytes
content-length: 94154
x-xss-protection: 1; mode=block

GET
H2 200 dbsan03-webfont.woff
www.bahn.de/common/view/static/17d0ec19/responsive/fonts/ 48 KB
48 KB 42ms
42ms Font
binary/octet-stream 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/common/view/static/17d0ec19/responsive/fonts/dbsan03-webfont.woff

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/common/view/static/17d0ec19/responsive/css/portal.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

a39881eeb2cc948083b29f436b57600451670f1d10e390306af0693d2eb44f74

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.bahn.de
Referer: https://www.bahn.de/common/view/static/17d0ec19/responsive/css/portal.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 08:22:27 GMT
server: AmazonS3
x-amz-request-id: EDE57106261C47EF
etag: "ee22058781511177b60092028f12eea2"
x-frame-options: SAMEORIGIN
x-amz-id-2: Jc4TNjMzN1b9xfo7oqijhDwregCRB0rNnteEP+wKRIHANu9xUk16jPiVe2ZI2y+U0z/oVOQRGic=
content-type: binary/octet-stream
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
accept-ranges: bytes
content-length: 48820
x-xss-protection: 1; mode=block

GET
H2 200 db-icons.woff
www.bahn.de/common/view/static/17d0ec19/responsive/fonts/ 29 KB
29 KB 42ms
42ms Font
binary/octet-stream 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/common/view/static/17d0ec19/responsive/fonts/db-icons.woff?de5f8900bd1b6298cc0ca94466418537

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/common/view/static/17d0ec19/responsive/css/portal.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

09cd6e2e4909e4ec15b7ca38adbff5b37405b4347b1ce0d7b977aee46b005377

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.bahn.de
Referer: https://www.bahn.de/common/view/static/17d0ec19/responsive/css/portal.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 08:22:27 GMT
server: AmazonS3
x-amz-request-id: 95B53D0B8FC42B45
etag: "2ee679e77cd50b24e96de14b9e9f44fa"
x-frame-options: SAMEORIGIN
x-amz-id-2: OVCzm/Kl+TQSQwpb+nUc56aDBidb9vSER4KKM00zN5nBW282kQNyLapwTCXvLR5RDdd2tsAztPw=
content-type: binary/octet-stream
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
accept-ranges: bytes
content-length: 29320
x-xss-protection: 1; mode=block

GET
H2 200 id Show response
st.bahn.de/ 48 B
510 B 154ms
41ms XHR
application/x-javascript 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://st.bahn.de/id?d_visid_ver=4.6.0&d_fieldgroup=A&mcorgid=5FA50A5953FB37E50A4C98BC%40AdobeOrg&mid=60280647967919821750998871211251014425&ts=1616537278350

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/common/view/static/17d0ec19/js/lib/omniture/s_code.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

0e84f131b7f29b7a50efb4984cd55efa3207c403dd8183d597453ffedec2ae0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-7df884dd44-l5xwk
vary: Origin
x-c: main-1434.I637bed.M0-481
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.bahn.de
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H2 200 utag.js Show response
www.bahn.de/media/view/tms/ 51 KB
15 KB 32ms
31ms Script
text/javascript 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/media/view/tms/utag.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e43eed8bc914b815d6d0e574f6604bc8473e0f9d18bf0045499d5e20c7926510

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 14:08:28 GMT
server: Apache
etag: "cd68-5bd1b159e0f00"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 14672
x-xss-protection: 1; mode=block

GET
H2 200 getjson.pl Show response
www.bahn.de/pbin/ 102 KB
15 KB 46ms
46ms XHR
text/javascript 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/pbin/getjson.pl?name=nav_p&callback=jQuery111004239289970120599_1616537278334&_=1616537278335

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/common/view/static/17d0ec19/responsive/js/portal-index.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0676dbf4106ae3c4171726dba5279c8dc081939ecf46cf90bde43eee9a7b088f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.bahn.de/p/view/index.shtml
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
date: Tue, 23 Mar 2021 22:07:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: max-age=180
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
content-length: 15335
x-xss-protection: 1; mode=block

GET
H2 200 s92428717180484
st.bahn.de/b/ss/dbbahnprod/1/JS-2.20.0/ 43 B
341 B 42ms
42ms Image
image/gif 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st.bahn.de/b/ss/dbbahnprod/1/JS-2.20.0/s92428717180484?AQB=1&ndh=1&pf=1&t=23%2F2%2F2021%2023%3A7%3A58%202%20-60&mid=60280647967919821750998871211251014425&ce=UTF-8&ns=deutschebahn&cdp=2&pageName=BAHN_PVE_DEU_DE_index&g=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Findex.shtml&c.&Rendering=Desktop&Orientierung=Landscape&page_info=0%7C0%2C0x0%2C0x0%2C0%2C&first_page_of_visit=true&load_time=3&.c&cc=EUR&ch=BAHN_PVE_DEU_DE&events=event45%2Cevent46&h1=PVE&c4=BAHN_PVE_DEU_DE&v4=BAHN_PVE_DEU_DE&c22=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Findex.shtml&v22=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Findex.shtml&c24=D%3DpageName&v24=D%3DpageName&c69=logout&v69=logout&v74=D%3DpageName&c75=D%3Dv75&v75=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Findex.shtml&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FA50A5953FB37E50A4C98BC%40AdobeOrg&AQE=1

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
x-content-type-options: nosniff
x-c: main-1434.I637bed.M0-481
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 24 Mar 2021 22:07:58 GMT
server: jag
xserver: anedge-7df884dd44-z2m47
etag: 3471487373025378304-4622020144024490705
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 22 Mar 2021 22:07:58 GMT

GET
H2 200 utag.140.js Show response
www.bahn.de/media/view/tms/ 3 KB
2 KB 39ms
37ms Script
text/javascript 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/media/view/tms/utag.140.js?utv=ut4.46.202103091213

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8ec470e7fa45aa2bc36e1507281d56dedb4d4da845e0245cf6590f6d345ebcd4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 14:08:28 GMT
server: Apache
etag: "a82-5bd1b159e0f00"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1366
x-xss-protection: 1; mode=block

GET
H2 200 utag.85.js Show response
www.bahn.de/media/view/tms/ 3 KB
2 KB 39ms
37ms Script
text/javascript 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/media/view/tms/utag.85.js?utv=ut4.46.202103091213

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

11850f3f703a8a6c11e28c86fd97ad657ac67432ce1998305c2d2893693234da

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 14:08:28 GMT
server: Apache
etag: "a5f-5bd1b159e0f00"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1337
x-xss-protection: 1; mode=block

GET
H2 200 utag.74.js Show response
www.bahn.de/media/view/tms/ 2 KB
2 KB 41ms
39ms Script
text/javascript 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/media/view/tms/utag.74.js?utv=ut4.46.202103091213

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

4d1584c26e1c4386160cb5c9a6ef0510e2f52edd9165386b41feba41ec97e1c3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 14:08:28 GMT
server: Apache
etag: "8d2-5bd1b159e0f00"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1134
x-xss-protection: 1; mode=block

GET
H2 200 utag.138.js Show response
www.bahn.de/media/view/tms/ 4 KB
2 KB 41ms
39ms Script
text/javascript 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/media/view/tms/utag.138.js?utv=ut4.46.202103091213

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

bd6c45d79efce7787c36717ca452774cb25c6b11acd7f95136c78617d2f8a227

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 14:08:28 GMT
server: Apache
etag: "11fe-5bd1b159e0f00"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1969
x-xss-protection: 1; mode=block

GET
H2 200 utag.182.js Show response
www.bahn.de/media/view/tms/ 16 KB
4 KB 41ms
40ms Script
text/javascript 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/media/view/tms/utag.182.js?utv=ut4.46.202103091213

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a6ccbf69dd9766b1aa439eb5af555794f2551b3f1747b09bb9ddccc90f431c30

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 14:08:28 GMT
server: Apache
etag: "3fed-5bd1b159e0f00"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 3814
x-xss-protection: 1; mode=block

GET
H2 200 utag.183.js Show response
www.bahn.de/media/view/tms/ 16 KB
5 KB 41ms
40ms Script
text/javascript 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/media/view/tms/utag.183.js?utv=ut4.46.202103091213

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

4a4c7bf187382ec7af807936da98ea13c7e11da9ada1ec0618a059a0d3900d52

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Mar 2021 14:08:28 GMT
server: Apache
etag: "3f91-5bd1b159e0f00"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 4359
x-xss-protection: 1; mode=block

GET
H2

200

adformat.js Show response
s2.adform.net/banners/scripts/audiencetag/
Redirect Chain

https://dmp.adform.net/audiencetag/adformat.js
https://s2.adform.net/banners/scripts/audiencetag/adformat.js

4 KB
2 KB

85ms
22ms

Script
application/x-javascript

37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/audiencetag/adformat.js
Requested by: Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 554adcd95948f697337ae206814fa15f42e7bb63de8dbbc1c14096830a22814b

Request headers

Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
content-encoding: gzip
last-modified: Mon, 18 Jan 2021 10:39:24 GMT
server: nginx
etag: W/"6005655c-11e8"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/audiencetag/adformat.js
date: Tue, 23 Mar 2021 22:07:58 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H2 200 / Show response
zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com/SIE/ 60 KB
18 KB 90ms
36ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0lxkzEthotizcTX&Q_LOC=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Findex.shtml&t=1616537278567

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.85.js?utv=ut4.46.202103091213

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d47499fbaaf56d5b078127c0246366aaa6ac79779e83acea910067f2aa76deee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 516317
cf-polished: origSize=62663
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 0902ba70a7000010f348ac2000000001
cf-bgj: minify
server: cloudflare
x-powered-by: Express
etag: W/"f4c7-40M2Ui0xkKvT+C6V6/NR7GcyUHc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
cf-ray: 634af9c7788a10f3-CPH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 a2987.js Show response
cdn.m-pathy.com/js/ 23 KB
7 KB 29ms
6ms Script
application/javascript 2600:9000:206f:9600:1e:7aca:b8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.m-pathy.com/js/a2987.js
Requested by: Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.74.js?utv=ut4.46.202103091213
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9600:1e:7aca:b8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4c378f256175cf4bfa17f1adff41ed5234ef6dd231cc575b29db0100ca85e401

Request headers

Origin: https://www.bahn.de
Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:56:47 GMT
content-encoding: gzip
x-debug4: 9090
x-backend: serve_dynamic_ssl
age: 671
x-internal: 0
x-debug: serve_dynamic_ssl
x-debug2: debug
x-upstream: survey_dynamic
x-forward-proto: https
content-length: 6179
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-scheme: https
x-direct-upstream: serve_dynamic_ssl
last-modified: Mon, 15 Mar 2021 13:45:46 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5c05-5bd9377827c24-gzip"
vary: Accept-Encoding
x-pool: serve_direct_default
x-force-direct: 0
access-control-allow-origin: *
cache-control: max-age=3600
x-debug3: apache.server
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-amz-cf-id: yh0f4Yr6LUKnJzHz5n8Aw0w3iVOu_gurKp7qRVF9XQqxBwiawHK_IA==
expires: Tue, 23 Mar 2021 22:56:47 GMT

GET
H2 200 exactag.js Show response
www.bahn.de/media/view/tms/js/ 13 KB
6 KB 32ms
31ms Script
text/javascript 184.24.27.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bahn.de/media/view/tms/js/exactag.js

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.27.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-27-201.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

6b693b7dadf0949d494f4ad8685ae70f74f20a33a32780ebfd5b0517fceae722

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bahn.de/p/view/index.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 30 Nov 2020 11:38:42 GMT
server: Apache
etag: "321a-5b55173b87480"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2592000
content-security-policy: default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
accept-ranges: bytes
vary: Accept-Encoding
content-length: 5428
x-xss-protection: 1; mode=block

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://a1.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

79 KB
28 KB

90ms
39ms

Script
application/x-javascript

37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 24e83f1a047509f4bc8de2e012201ac0032da53d24acc314fe49ed47754f87d0

Request headers

Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 08:46:50 GMT
server: nginx
etag: W/"6053137a-13ce9"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Tue, 23 Mar 2021 22:07:58 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H2 200 loader.js Show response
cdn.m-pathy.com/modules/4.22-179/ 42 KB
15 KB 6ms
6ms Script
application/javascript 2600:9000:206f:9600:1e:7aca:b8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.m-pathy.com/modules/4.22-179/loader.js
Requested by: Host: cdn.m-pathy.com
URL: https://cdn.m-pathy.com/js/a2987.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9600:1e:7aca:b8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 66a0f2364c7ee7de56076aa9127aa362a68b26b5e01c868fde1f7bc8eb1f3c07

Request headers

Origin: https://www.bahn.de
Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 21:49:01 GMT
content-encoding: gzip
x-debug4: 9090
x-backend: serve_dynamic_ssl
age: 1137
x-internal: 0
x-debug: serve_dynamic_ssl
x-debug2: debug
x-upstream: survey_dynamic
x-forward-proto: https
content-length: 14458
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-scheme: https
x-direct-upstream: serve_dynamic_ssl
last-modified: Thu, 04 Jun 2020 12:32:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "a692-5a74155c15640-gzip"
vary: Accept-Encoding
x-pool: serve_direct_default
x-force-direct: 0
access-control-allow-origin: *
cache-control: max-age=2419200
x-debug3: apache.server
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 4Z0kEPk4etFdFrh17ee0JKkHzbkBOU7HQEybPGrAMl66ZrtAVa5IoA==
expires: Tue, 20 Apr 2021 21:49:01 GMT

GET
H/1.1 200
OK pi.aspx Show response
m.exactag.com/ Frame E3EF 7 KB
4 KB 140ms
51ms Script
text/javascript 85.14.248.71
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.exactag.com/pi.aspx?campaign=4bb3a5de3602f335b9ba113928205e62&pitype=Content&convtype=&rnd=xl8JKtBxisDN&items=%7B%22type%22%3A%22Content%22%2C%22conversiontype%22%3A%22%22%2C%22referrer%22%3A%22%22%2C%22host%22%3A%22www.bahn.de%22%2C%22site%22%3A%22%2Fp%2Fview%2Findex.shtml%22%2C%22search%22%3A%22%22%2C%22protocol%22%3A%22https%3A%22%2C%22campaign%22%3A%224bb3a5de3602f335b9ba113928205e62%22%2C%22screensize%22%3A%22%22%2C%22pitype%22%3A%22%22%2C%22uk%22%3A%22%22%2C%22trackingURL%22%3A%22%2F%2Fm.exactag.com%22%2C%22cdnURL%22%3A%22%2F%2Fcdn.exactag.com%22%2C%22sitegroup%22%3A%22Startseite%22%2C%22category_name%22%3A%22BAHN_PVE_DEU_DE%22%2C%22page_name%22%3A%22BAHN_PVE_DEU_DE_index%22%2C%22engine%22%3A%22Web%22%7D

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/media/view/tms/js/exactag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.71 Krefeld, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

3b1e0fb6db4a78983232c5751d69ea64943279414d3237b56ded78abcf2f3bfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Di, 23 Mrz 2021 10:07:58 GMT
Server: Microsoft-IIS/8.5
Date: Tue, 23 Mar 2021 22:07:58 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://www.bahn.de
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-ET-Camp: 1053
Access-Control-Allow-Headers: *
Expires: -1

GET
H2 200 cookiesegments Show response
dmp.adform.net/audiencetag/ 2 B
236 B 19ms
19ms XHR
application/json 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://dmp.adform.net/audiencetag/cookiesegments?token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJBZGZvcm0uRE1QLkNsYWltczo6RGF0YVByb3ZpZGVycyI6IlsxMDU4MV0iLCJpc3MiOiJkbXAtYXBpLmFkZm9ybS5jb20iLCJhdWQiOiJhdWRpZW5jZV90YWdfY29uc3VtZXJfdjEiLCJleHAiOjE4NDY0NzkyOTksIm5iZiI6MTUzMTExOTIzOX0.FJQj3NEIHLPLagWbUeSDroGlMNqPApSp4JsfF5qhvxA

Requested by

Host: dmp.adform.net
URL: https://dmp.adform.net/audiencetag/adformat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 22:07:58 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bahn.de
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

/ Show response
a1.adform.net/Serving/TrackPoint/
Redirect Chain

https://a1.adform.net/Serving/TrackPoint/?pm=646062&ADFPageName=%7Bwww.bahn.de%7D%7C%7BBAHN_PVE_DEU_DE%7D%7C%7BBAHN_PVE_DEU_DE_index%7D&ADFdivider=%7C&ord=962417812954&Set1=en-US%7Cen-US%7C1600x120...
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=646062&ADFPageName=%7Bwww.bahn.de%7D%7C%7BBAHN_PVE_DEU_DE%7D%7C%7BBAHN_PVE_DEU_DE_index%7D&ADFdivider=%7C&ord=962417812954&Set1=en-US%7Cen-US%7C160...

155 B
623 B

20ms
20ms

Script
text/javascript

37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=646062&ADFPageName=%7Bwww.bahn.de%7D%7C%7BBAHN_PVE_DEU_DE%7D%7C%7BBAHN_PVE_DEU_DE_index%7D&ADFdivider=%7C&ord=962417812954&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjkiOiJ7d3d3LmJhaG4uZGV9fHtCQUhOX1BWRV9ERVVfREV9fHtCQUhOX1BWRV9ERVVfREVfaW5kZXh9IiwiaXRtcyI6W3sic3RlcCI6MX1dfQ&loc=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Findex.shtml

Requested by

Host: www.bahn.de
URL: https://www.bahn.de/p/view/index.shtml

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4fb7f5cbe9bc964af9d90911e29db84254705b475415a73f26939f4a289ad350

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 22:07:58 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 217
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 23 Mar 2021 22:07:58 GMT
server: nginx
location: https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=646062&ADFPageName=%7Bwww.bahn.de%7D%7C%7BBAHN_PVE_DEU_DE%7D%7C%7BBAHN_PVE_DEU_DE_index%7D&ADFdivider=%7C&ord=962417812954&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&itm=eyJzdjkiOiJ7d3d3LmJhaG4uZGV9fHtCQUhOX1BWRV9ERVVfREV9fHtCQUhOX1BWRV9ERVVfREVfaW5kZXh9IiwiaXRtcyI6W3sic3RlcCI6MX1dfQ&loc=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Findex.shtml
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H/1.1 200
OK px.aspx Show response
m.exactag.com/ Frame 7E92 276 B
651 B 119ms
33ms Document
text/html 85.14.248.71
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.exactag.com/px.aspx?id=a88c3db2e2e747f9ae572fa82f5e7d2f

Requested by

Host: m.exactag.com
URL: https://m.exactag.com/pi.aspx?campaign=4bb3a5de3602f335b9ba113928205e62&pitype=Content&convtype=&rnd=xl8JKtBxisDN&items=%7B%22type%22%3A%22Content%22%2C%22conversiontype%22%3A%22%22%2C%22referrer%22%3A%22%22%2C%22host%22%3A%22www.bahn.de%22%2C%22site%22%3A%22%2Fp%2Fview%2Findex.shtml%22%2C%22search%22%3A%22%22%2C%22protocol%22%3A%22https%3A%22%2C%22campaign%22%3A%224bb3a5de3602f335b9ba113928205e62%22%2C%22screensize%22%3A%22%22%2C%22pitype%22%3A%22%22%2C%22uk%22%3A%22%22%2C%22trackingURL%22%3A%22%2F%2Fm.exactag.com%22%2C%22cdnURL%22%3A%22%2F%2Fcdn.exactag.com%22%2C%22sitegroup%22%3A%22Startseite%22%2C%22category_name%22%3A%22BAHN_PVE_DEU_DE%22%2C%22page_name%22%3A%22BAHN_PVE_DEU_DE_index%22%2C%22engine%22%3A%22Web%22%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.71 Krefeld, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

bf69305acc75d6fa447712ed127c3d217c117678fb59ffe86b5ae52949d54384

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: m.exactag.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.bahn.de/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: exactag_new_gk=ea2f5db741704375b8b49db158adad55%7c22.05.2021+22%3a07%3a58; exactag_new_uk=2c558fcccd3f429cba98caee9b830daa%7c; session_session=7eb64850f0cd4f0392acaaae; exactag_new_user=1053%7c2%7c7eb64850f0cd4f0392acaaae%7c01.01.0001+00%3a00%3a00%7c23.03.2021+22%3a07%3a58%7c7eb64850f0cd4f0392acaaae%7c68537%7c1753%7cFalse
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.bahn.de/

Response headers

Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/8.5
X-ET-Code: 0
X-ET-Camp: 1053
Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Tue, 23 Mar 2021 22:07:58 GMT
Connection: close
Transfer-Encoding: chunked
Content-Encoding: gzip

GET
H/1.1

200
OK

cmatch.aspx
m.exactag.com/ Frame 7E92
Redirect Chain

https://dmp.adform.net/serving/cookie/match/?party=1053
https://m.exactag.com/cmatch.aspx?p=pradf&auk=1&puk=5515368193953809632&optin=1

43 B
907 B

122ms
35ms

Image
image/gif

85.14.248.71
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/cmatch.aspx?p=pradf&auk=1&puk=5515368193953809632&optin=1

Requested by

Host: m.exactag.com
URL: https://m.exactag.com/px.aspx?id=a88c3db2e2e747f9ae572fa82f5e7d2f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.71 Krefeld, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://m.exactag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Di, 23 Mrz 2021 10:07:58 GMT
Server: Microsoft-IIS/8.5
Date: Tue, 23 Mar 2021 22:07:58 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://m.exactag.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 0
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Mar 2021 22:07:58 GMT
server: nginx
location: https://m.exactag.com/cmatch.aspx?p=pradf&auk=1&puk=5515368193953809632&optin=1
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
237 B 109ms
109ms XHR
text/plain 3.225.10.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/8033263973.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.10.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-10-210.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bahn.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://www.bahn.de
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Tue, 23 Mar 2021 22:07:59 GMT
Content-Type: text/plain

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ Frame 0
0 442ms
108ms Preflight
text/plain 3.225.10.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Server: 3.225.10.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-10-210.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.bahn.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://www.bahn.de
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Content-Type: text/plain
Date: Tue, 23 Mar 2021 22:07:59 GMT
Content-Length: 13
Connection: keep-alive

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bahn.de/	1969-12-31 23:59:59	Name: s_ppv Value: BAHN_PVE_DEU_DE_index%2C36%2C36%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
			.bahn.de/	1969-12-31 23:59:59	Name: s_ppvl Value: %5B%5BB%5D%5D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://.m-pathy.com
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1.adform.net
bahn.de
cdn.m-pathy.com
cdn.optimizely.com
dmp.adform.net
errors.client.optimizely.com
m.exactag.com
s2.adform.net
st.bahn.de
www.bahn.de
zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com
104.17.209.240
15.237.136.106
184.24.27.201
2600:9000:206f:9600:1e:7aca:b8c0:93a1
2a02:26f0:7100:19a::13b8
3.225.10.210
37.157.2.238
37.157.6.235
54.93.33.134
85.14.248.71
0676dbf4106ae3c4171726dba5279c8dc081939ecf46cf90bde43eee9a7b088f
09cd6e2e4909e4ec15b7ca38adbff5b37405b4347b1ce0d7b977aee46b005377
0aa54241b0ad30cc3ea310597b7e8890ea5102c783d496852403061cf872f344
0e84f131b7f29b7a50efb4984cd55efa3207c403dd8183d597453ffedec2ae0c
11850f3f703a8a6c11e28c86fd97ad657ac67432ce1998305c2d2893693234da
24e83f1a047509f4bc8de2e012201ac0032da53d24acc314fe49ed47754f87d0
26ea31e0c6520a6f3e814e67b70d4e70dde85659b3f9184935d265f45bfb1931
298669d559f331c5ac67d881d450cea831ca81576e88cb4663cc315dc91444c7
2d47dd07cd116fce4a58ea5ce7aa349bf5904de7f30d69e131cf4f7be3b088d1
3b1e0fb6db4a78983232c5751d69ea64943279414d3237b56ded78abcf2f3bfc
3de4293ced3cf20f3246b699e05a1eab68d0841318a53cc0091c0687cbdb4d35
3e1a71dbeac14ad724fd5bf1f63d833a2cea06c7de8f9173b6d2a3bad0fbc7bf
4a4c7bf187382ec7af807936da98ea13c7e11da9ada1ec0618a059a0d3900d52
4b9f508f69d7137fe6f715d9e82a9f3797f8a0ca687580f92d0928b3c4f746e6
4c378f256175cf4bfa17f1adff41ed5234ef6dd231cc575b29db0100ca85e401
4d1584c26e1c4386160cb5c9a6ef0510e2f52edd9165386b41feba41ec97e1c3
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fb7f5cbe9bc964af9d90911e29db84254705b475415a73f26939f4a289ad350
540989a36d927a48c17524c0f50c22903c92dd951a131931d7a80c6691a3bcfa
554adcd95948f697337ae206814fa15f42e7bb63de8dbbc1c14096830a22814b
562ca1f7745809690f08fb48b5a9e411614e1c953c89c8b9b80c81fb887d9710
57411817a143622eed003cea060d984b2762a4f8f59031aca3e31d41482bf81e
5db9108016c62906c987c432fab8efb55a0c92425c9cace3793c536fa2aafcde
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
66a0f2364c7ee7de56076aa9127aa362a68b26b5e01c868fde1f7bc8eb1f3c07
691d5a9ece018476a7b7ee1a64412073bbfe448b9d5f8bd6e0fb1a22ad097ba1
6b693b7dadf0949d494f4ad8685ae70f74f20a33a32780ebfd5b0517fceae722
8ec470e7fa45aa2bc36e1507281d56dedb4d4da845e0245cf6590f6d345ebcd4
8f5f27cf78c2017bdd4a2d791032f85512546826b42ecb0f6c1e2500b3c43f76
90d765be61f3668f58a9fee31185882edaf07d31b79ef37e1305b23fd01d6aef
9bd75d01213161905c0278231326126f5066ae7753e9b492b999417e0c2cfbef
a009bf98437ed2e896bfc56f9838b6ca83aac7f96989e971dbc6ad2ccc49b572
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a39881eeb2cc948083b29f436b57600451670f1d10e390306af0693d2eb44f74
a6ccbf69dd9766b1aa439eb5af555794f2551b3f1747b09bb9ddccc90f431c30
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
bd45e3a7a55ce6d15988606f79657a593097ac40f0d29bff151fdd10b0438b88
bd6c45d79efce7787c36717ca452774cb25c6b11acd7f95136c78617d2f8a227
bdd715407bbcb2c0325bb1e1466715b9ec9dcd2e7e662e647fddf74d92ba4150
bf69305acc75d6fa447712ed127c3d217c117678fb59ffe86b5ae52949d54384
c6525a87b4d9ce2f4a765f707666f92e28a59e2ab50bf2777d1554c48f52e257
c67e730af099eaee16e5c47b5f4a31155c438cdc2a80859e01b3d555097f2f4e
c9591e1e925cc078239c1ea6c33f6e980a42be082d0613262a69f3a485bdc987
d47499fbaaf56d5b078127c0246366aaa6ac79779e83acea910067f2aa76deee
d71372dd18882e66275bcadb5e9b903427b3a7688ecc7506e3757109adf1378c
d87399eac77203044d8c37074a8738a3e7b7120ce216e865e688d67959d5664c
d98f09c35fc6e692c518f35eafc85666e8806f308686bc3329741edf98991f3d
da1617a9a8adfeacee06c6271bcc53eb9017109ad3e1125488d676190dc5affe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43eed8bc914b815d6d0e574f6604bc8473e0f9d18bf0045499d5e20c7926510
fab0c6f26511c8bfe80effdca1e740eaaf413120c26b84d160ea19866b647e58
ff458e01b24643b5a0d6b8a21452f5a582ac28527a05c36aa0ff6f37c5186214

www.bahn.de Open in urlscan Pro 184.24.27.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

100 %HTTPS

20 %IPv6

6 Domains

11 Subdomains

10 IPs

4 Countries

1169 kBTransfer

2957 kBSize

2 Cookies

37 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bahn.de Open in urlscan Pro
184.24.27.201 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

20 %
IPv6

6
Domains

11
Subdomains

10
IPs

4
Countries

1169 kB
Transfer

2957 kB
Size

2
Cookies

46 HTTP transactions
7 data transactions