urlscan.io logo urlscan.io
SecurityTrails logo

www.bahn.de Open in urlscan Pro
104.111.219.12  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mailing.bahn.de/go/4/438RWX0W-42YU0K8T-2WPJJG66-VS2H2.html
Effective URL: https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingD...
Submission: On December 14 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 4 countries across 3 domains to perform 23 HTTP transactions. The main IP is 104.111.219.12, located in Netherlands and belongs to AKAMAI-AS, US. The main domain is www.bahn.de.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on January 10th 2020. Valid for: a year.
This is the only time www.bahn.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 193.169.180.193 48173 (UNBELIEVA...)
2 2 85.14.248.91 24961 (MYLOC-AS ...)
20 104.111.219.12 16625 (AKAMAI-AS)
1 2.16.186.186 20940 (AKAMAI-ASN1)
2 15.237.136.106 16509 (AMAZON-02)
23 3
1    193.169.180.193 (Germany)

ASN48173 (UNBELIEVABLE-AS, DE)
PTR: srv2.de
mailing.bahn.de
2    85.14.248.91 (Cologne, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
20    104.111.219.12 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-12.deploy.static.akamaitechnologies.com
www.bahn.de
1    2.16.186.186 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-186.deploy.static.akamaitechnologies.com
www.static-bahn.de
2    15.237.136.106 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
st.bahn.de
Apex Domain
Subdomains		 Transfer
23 bahn.de
mailing.bahn.de
www.bahn.de
st.bahn.de
1 MB
2 exactag.com
m.exactag.com
1 KB
1 static-bahn.de
www.static-bahn.de
23 3
Domain Requested by
20 www.bahn.de www.bahn.de
2 st.bahn.de www.bahn.de
2 m.exactag.com 2 redirects
1 www.static-bahn.de www.bahn.de
1 mailing.bahn.de 1 redirects
23 5

This site contains links to these domains. Also see Links.

Domain
www.bahn.com
www.ameropa.de
fahrkarten.bahn.de
reiseauskunft.bahn.de
www.deutschebahn.com
bahnshop.de
Subject Issuer Validity Valid
www.bahn.de
DigiCert SHA2 Extended Validation Server CA		 2020-01-10 -
2021-04-07		 a year crt.sh
subsites.bahn.de
R3		 2020-12-03 -
2021-03-03		 3 months crt.sh
st.bahn.de
DigiCert SHA2 High Assurance Server CA		 2020-03-02 -
2021-06-09		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
Frame ID: 5C7D97018A7C159DE0D6C8F2C256AA86
Requests: 22 HTTP requests in this frame

Frame: https://www.static-bahn.de/media/view/mdb/media/w/skyscraper/skyscraper.html
Frame ID: A204FE61EB816410FF7BC107483C3BD7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://mailing.bahn.de/go/4/438RWX0W-42YU0K8T-2WPJJG66-VS2H2.html HTTP 302
    http://m.exactag.com/cl.aspx?extPu=12697-optivo&extProvId=11&extLi={mailingId}&url=https:%2F%2Fww... HTTP 302
    https://m.exactag.com/cl.aspx?extPu=12697-optivo&extProvId=11&extLi={mailingId}&url=https:%2F%2Fww... HTTP 302
    https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D00... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Page Statistics

23
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

3
IPs

4
Countries

1026 kB
Transfer

2011 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mailing.bahn.de/go/4/438RWX0W-42YU0K8T-2WPJJG66-VS2H2.html HTTP 302
    http://m.exactag.com/cl.aspx?extPu=12697-optivo&extProvId=11&extLi={mailingId}&url=https:%2F%2Fwww.bahn.de%2Fp%2Fview%2Furlaub%2Fstaedtereisen%2Fameropa_500-punkte.shtml%3Fdbkanal_009%3DL01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01 HTTP 302
    https://m.exactag.com/cl.aspx?extPu=12697-optivo&extProvId=11&extLi={mailingId}&url=https:%2F%2Fwww.bahn.de%2Fp%2Fview%2Furlaub%2Fstaedtereisen%2Fameropa_500-punkte.shtml%3Fdbkanal_009%3DL01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01 HTTP 302
    https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ameropa_500-punkte.shtml
www.bahn.de/p/view/urlaub/staedtereisen/
Redirect Chain
  • https://mailing.bahn.de/go/4/438RWX0W-42YU0K8T-2WPJJG66-VS2H2.html
  • http://m.exactag.com/cl.aspx?extPu=12697-optivo&extProvId=11&extLi={mailingId}&url=https:%2F%2Fwww.bahn.de%2Fp%2Fview%2Furlaub%2Fstaedtereisen%2Fameropa_500-punkte.shtml%3Fdbkanal_009%3DL01_S01_D00...
  • https://m.exactag.com/cl.aspx?extPu=12697-optivo&extProvId=11&extLi={mailingId}&url=https:%2F%2Fwww.bahn.de%2Fp%2Fview%2Furlaub%2Fstaedtereisen%2Fameropa_500-punkte.shtml%3Fdbkanal_009%3DL01_S01_D0...
  • https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
58 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
497f6b16919e66b3322095e9253545542296cf6046c27c0f4d78bdb2a55dee81
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.bahn.de
:scheme
https
:path
/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type
text/html
server
AmazonS3
x-amz-id-2
e3vCseqH/uzJvIuJMTYWsoozYYsUHkDucjDJMJBDGf9UZ9XML9h+VihrWtu93hasLsDG6s/6nKk=
x-amz-request-id
583467864D405FFF
last-modified
Sat, 12 Dec 2020 23:51:39 GMT
etag
"0b0c35e3296c094d6425b5a583bcf41f"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=600
date
Mon, 14 Dec 2020 17:12:14 GMT
content-length
11856
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload

Redirect headers

Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Content-Type
text/html; charset=iso-8859-1
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Mo, 14 Dez 2020 05:12:14 GMT
Location
https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
Server
Microsoft-IIS/8.5
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Max-Age
1000
Access-Control-Allow-Headers
*
X-ET-Code
21
X-ET-Camp
0
Strict-Transport-Security
max-age=31536000
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Mon, 14 Dec 2020 17:12:14 GMT
Connection
close
Content-Length
0
portal.min.css
www.bahn.de/common/view/static/717674e8/responsive/css/ 		470 KB
98 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/common/view/static/717674e8/responsive/css/portal.min.css
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2c2fa5c5ef6a4b1ffc0380550bdb197b56ac13c0ea72c7cc23d0eaa871067d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 17:12:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
C0447E3F77202364
vary
Accept-Encoding
content-length
99792
x-amz-id-2
xczYrHIV7z6yh88+u9QvkOoT5L3/GXx5Ss8o7Ynor4M7A/gVgh0W42xN4r4JqsIlk29XwXvIzuk=
last-modified
Tue, 17 Nov 2020 13:42:18 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"5eed9ed6319dded921f65d59fb16b3a9"
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
text/css
x-xss-protection
1; mode=block
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges
bytes
modernizr-2.8.3.min.js
www.bahn.de/common/view/static/717674e8/js/lib/modernizr/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/common/view/static/717674e8/js/lib/modernizr/modernizr-2.8.3.min.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2d47dd07cd116fce4a58ea5ce7aa349bf5904de7f30d69e131cf4f7be3b088d1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 17:12:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
A0AB383741DE90AE
vary
Accept-Encoding
content-length
4530
x-amz-id-2
smm7BXp6r1YA23tSaDJ6RdEkOe74aQrWvG29Fro0um7dawdSBifHSVKCMPjLVyNQYLZ0WuFKPAI=
last-modified
Tue, 17 Nov 2020 13:42:17 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"e5e402607e45feccd78c4f49b96938c3"
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
text/javascript
x-xss-protection
1; mode=block
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges
bytes
db_em_rgb_100px.svg
www.bahn.de/common/view/static/v8/img/ 		828 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bahn.de/common/view/static/v8/img/db_em_rgb_100px.svg
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
da1617a9a8adfeacee06c6271bcc53eb9017109ad3e1125488d676190dc5affe
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 17:12:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
D6F066DE5930ED79
vary
Accept-Encoding
content-length
480
x-amz-id-2
irz4HAKru5QULj9FPF09sgN9k9wAbJQE5A7cvy3gXdPAHF4C4KZvi8C74vXkxWXYCHQEcr/64EU=
last-modified
Sat, 19 May 2018 09:41:10 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"595cfbce732795e1d7cb8cbec1934345"
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
image/svg+xml
x-xss-protection
1; mode=block
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges
bytes
mdb_318024_berlin_herbst_c_golero_gettyimages-585778752_980x300_980x300.jpg
www.bahn.de/p/view/mdb/bahnintern/urlaub_ab_2016/ameropa-staedtereisen/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bahn.de/p/view/mdb/bahnintern/urlaub_ab_2016/ameropa-staedtereisen/mdb_318024_berlin_herbst_c_golero_gettyimages-585778752_980x300_980x300.jpg
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
8911946c6ec554bd9367e2af77ff0e90ee0d7c35ff8eb2d682dee1181761be10
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 17:12:14 GMT
x-content-type-options
nosniff
last-modified
Mon, 07 Dec 2020 23:02:28 GMT
server
Akamai Image Manager
etag
"be7022827863e1a09001b9edda5b4b8e"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, no-transform, max-age=2008221
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-length
49990
x-xss-protection
1; mode=block
expires
Wed, 06 Jan 2021 23:02:35 GMT
mdb_233941_berlin_quadriga_istock_000010740417large_727x545_cp_123x86_850x631.jpg
www.bahn.de/p/view/mdb/bahnintern/urlaub_ab_2016/startseite/mobile_startseite/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bahn.de/p/view/mdb/bahnintern/urlaub_ab_2016/startseite/mobile_startseite/mdb_233941_berlin_quadriga_istock_000010740417large_727x545_cp_123x86_850x631.jpg
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
a970c25a89029bbcd47c332e48f070be62c61b8e16bc56f77ea807536d80b01f
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 17:12:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Oct 2020 11:23:47 GMT
server
Akamai Image Manager
etag
"243fd7672582819037dd2b258b4148c4"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
private, no-transform, max-age=1972285
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-length
57530
x-xss-protection
1; mode=block
expires
Wed, 06 Jan 2021 13:03:39 GMT
mdb_263059_4_hamburg_elbphilharmonie_shutterstock_528256492_727x545_cp_0x0_884x663.jpg
www.bahn.de/p/view/mdb/bahnintern/urlaub_ab_2016/startseite/mobile_startseite/ 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bahn.de/p/view/mdb/bahnintern/urlaub_ab_2016/startseite/mobile_startseite/mdb_263059_4_hamburg_elbphilharmonie_shutterstock_528256492_727x545_cp_0x0_884x663.jpg
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
80b6cddf0813c60adc04215ec021fd69a1e5fbe90d3693516e607fa8e20ad206
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 17:12:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Oct 2020 11:23:20 GMT
server
Akamai Image Manager
etag
"2df4421db1f8f8d926bfebef1f7a0f08"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
private, no-transform, max-age=1982833
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-length
111208
x-xss-protection
1; mode=block
expires
Wed, 06 Jan 2021 15:59:27 GMT
mdb_302699_bayern_mnchen_weihnachtsmarkt_gettyimages-462498243_680x510_cp_0x20_680x530.jpg
www.bahn.de/p/view/mdb/bahnintern/urlaub_ab_2016/ameropa-staedtereisen/2019/ 		132 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bahn.de/p/view/mdb/bahnintern/urlaub_ab_2016/ameropa-staedtereisen/2019/mdb_302699_bayern_mnchen_weihnachtsmarkt_gettyimages-462498243_680x510_cp_0x20_680x530.jpg
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
de3c7d494d078ccdc4f052f4c99302afa89b505682c7b19743a2ad87274fd257
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 17:12:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Oct 2020 11:23:22 GMT
server
Akamai Image Manager
etag
"e969437b163bb0e61e2eafeb75a0a25b"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
private, no-transform, max-age=1883403
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-length
134744
x-xss-protection
1; mode=block
expires
Tue, 05 Jan 2021 12:22:17 GMT
portal-content.min.js
www.bahn.de/common/view/static/717674e8/responsive/js/ 		325 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/common/view/static/717674e8/responsive/js/portal-content.min.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d0492fd459e32494885cacf2f1648326fb81138caa25940c60e00d0f942c3fb
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 17:12:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
B8427ADC622FF21B
vary
Accept-Encoding
content-length
98924
x-amz-id-2
i1EAQZXFJ93uWkekGhX17DkF87rU+P1bOUCzVLbJb8sYL4spfr5SOrPdXRYU1Ut9mElJOgh3sgI=
last-modified
Tue, 17 Nov 2020 13:42:21 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"3b9073a80ad9694e48d762c6239631b7"
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
text/javascript
x-xss-protection
1; mode=block
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges
bytes
s_code.min.js
www.bahn.de/common/view/static/717674e8/js/lib/omniture/ 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/common/view/static/717674e8/js/lib/omniture/s_code.min.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9bd75d01213161905c0278231326126f5066ae7753e9b492b999417e0c2cfbef
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 17:12:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
B37D2734E9778E60
vary
Accept-Encoding
content-length
37926
x-amz-id-2
m+irGxlcZKNcLasKpNYJsfZa++7wdkXXLV0l7OJOt5rOMELJQrDA7B7lUvx4Dce5LXoCz5awgYQ=
last-modified
Tue, 17 Nov 2020 13:42:17 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"c12f54903e3a0b802d70539124a34902"
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
text/javascript
x-xss-protection
1; mode=block
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges
bytes
svg-sprites.svg
www.bahn.de/common/view/static/717674e8/responsive/img/ 		324 KB
88 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/common/view/static/717674e8/responsive/img/svg-sprites.svg
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
57411817a143622eed003cea060d984b2762a4f8f59031aca3e31d41482bf81e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 17:12:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
79D1F4F49620B211
vary
Accept-Encoding
content-length
89114
x-amz-id-2
pthhbfMGArReKUsioPBoPxCrJLXp8JaJ1w0d/w9lUR51pEJ/efFBcxrMXPCw3HGQZVXfbR+RAdE=
last-modified
Tue, 17 Nov 2020 13:42:21 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"5897c322752528b7f1b3c668589924bb"
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
image/svg+xml
x-xss-protection
1; mode=block
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges
bytes
icon-s73bc5bf69c.png
www.bahn.de/common/view/static/717674e8/responsive/img/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bahn.de/common/view/static/717674e8/responsive/img/icon-s73bc5bf69c.png
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/common/view/static/717674e8/responsive/css/portal.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a009bf98437ed2e896bfc56f9838b6ca83aac7f96989e971dbc6ad2ccc49b572
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/common/view/static/717674e8/responsive/css/portal.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 17:12:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Nov 2020 13:42:19 GMT
server
AmazonS3
x-amz-request-id
A645006C6D924B7C
etag
"aeea28ca3930a6dcf8000d07b505436f"
x-frame-options
SAMEORIGIN
x-amz-id-2
/SkoOlFFJVJxSzwhQfddMp536D5LCEMrFyf7SKfYFuUOpgt8+dZvuuVvzaXKGVVOoy0hXYfVzNM=
content-type
image/png
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
accept-ranges
bytes
content-length
54236
x-xss-protection
1; mode=block
bg_nav_active_left.png
www.bahn.de/common/view/static/717674e8/responsive/img/ 		132 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bahn.de/common/view/static/717674e8/responsive/img/bg_nav_active_left.png
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/common/view/static/717674e8/responsive/css/portal.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a231b219fd33beeca8baa0abecbb684d31fe0d154a25a092510d607a38637ea8
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/common/view/static/717674e8/responsive/css/portal.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 17:12:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Nov 2020 13:42:19 GMT
server
AmazonS3
x-amz-request-id
214FDEF8E7BE0FCC
etag
"098d59e7f12383ee5f816b3ae8c12453"
x-frame-options
SAMEORIGIN
x-amz-id-2
0BGxXdgHzKtal1V0sN1o5W61anSnapw+F1pGKHu6JcnJP6lo4nMEBo9q6d1EUSDiJz9cEu5yXLE=
content-type
image/png
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
accept-ranges
bytes
content-length
132
x-xss-protection
1; mode=block
bg_nav_active_right.png
www.bahn.de/common/view/static/717674e8/responsive/img/ 		132 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bahn.de/common/view/static/717674e8/responsive/img/bg_nav_active_right.png
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/common/view/static/717674e8/responsive/css/portal.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e5e2c4c5288a46af5b587fe4b6ed5c881dfc8faaf4d76a08c5c2c5fcd74238b3
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/common/view/static/717674e8/responsive/css/portal.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 17:12:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Nov 2020 13:42:19 GMT
server
AmazonS3
x-amz-request-id
E161ED0768F26156
etag
"157df68f54b882b853b4d0efe4d1b688"
x-frame-options
SAMEORIGIN
x-amz-id-2
p9+uHfjdx9ZWVW6RJ0z7jQwDsS/8AlGHISXE4YdllV8UhdaGAiTpwfg0dnxjGPW8zF2Oocptglo=
content-type
image/png
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
accept-ranges
bytes
content-length
132
x-xss-protection
1; mode=block
dbsan03-webfont.woff
www.bahn.de/common/view/static/717674e8/responsive/fonts/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/common/view/static/717674e8/responsive/fonts/dbsan03-webfont.woff
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/common/view/static/717674e8/responsive/css/portal.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a39881eeb2cc948083b29f436b57600451670f1d10e390306af0693d2eb44f74
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.bahn.de
Referer
https://www.bahn.de/common/view/static/717674e8/responsive/css/portal.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 17:12:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Nov 2020 13:42:19 GMT
server
AmazonS3
x-amz-request-id
69AEB5542474D990
etag
"ee22058781511177b60092028f12eea2"
x-frame-options
SAMEORIGIN
x-amz-id-2
ntMZZocSpkfnKLqu3KP6ATYx99oEpjMZAQgG/I9bf8CVsrrlK20K7i4G90DcPTiOHQTC7Pg2Wm4=
content-type
binary/octet-stream
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
accept-ranges
bytes
content-length
48820
x-xss-protection
1; mode=block
db-icons.woff
www.bahn.de/common/view/static/717674e8/responsive/fonts/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/common/view/static/717674e8/responsive/fonts/db-icons.woff?de5f8900bd1b6298cc0ca94466418537
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/common/view/static/717674e8/responsive/css/portal.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
09cd6e2e4909e4ec15b7ca38adbff5b37405b4347b1ce0d7b977aee46b005377
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.bahn.de
Referer
https://www.bahn.de/common/view/static/717674e8/responsive/css/portal.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 17:12:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Nov 2020 13:42:18 GMT
server
AmazonS3
x-amz-request-id
BXAQ4P1H5ZEM3X8P
etag
"2ee679e77cd50b24e96de14b9e9f44fa"
x-frame-options
SAMEORIGIN
x-amz-id-2
/QQ1iQwIv4Ui/hxxyNZLF0tFgf5q2Ua0lX9r1363DLrxe2nxoRsUUQKIHrKrfkH5kLyjzX/1LXo=
content-type
binary/octet-stream
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
accept-ranges
bytes
content-length
29320
x-xss-protection
1; mode=block
dbsan06-webfont.woff
www.bahn.de/common/view/static/717674e8/responsive/fonts/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/common/view/static/717674e8/responsive/fonts/dbsan06-webfont.woff
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/common/view/static/717674e8/responsive/css/portal.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
298669d559f331c5ac67d881d450cea831ca81576e88cb4663cc315dc91444c7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.bahn.de
Referer
https://www.bahn.de/common/view/static/717674e8/responsive/css/portal.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 17:12:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Nov 2020 13:42:19 GMT
server
AmazonS3
x-amz-request-id
CA778EE1ABA84ECA
etag
"df5cd4cd4e41ddfaf7017f95765d6308"
x-frame-options
SAMEORIGIN
x-amz-id-2
7nzGpmbPTrWWTIcd5Oftwpv43GAmFGLsNhA7Om804WOeJ/cqhvlqlz5merEs9BbZ8+BN+jOC7UY=
content-type
binary/octet-stream
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
accept-ranges
bytes
content-length
48880
x-xss-protection
1; mode=block
skyscraper.html
www.static-bahn.de/media/view/mdb/media/w/skyscraper/ Frame A204 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.static-bahn.de/media/view/mdb/media/w/skyscraper/skyscraper.html
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.186 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-186.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload

Request headers

:method
GET
:authority
www.static-bahn.de
:scheme
https
:path
/media/view/mdb/media/w/skyscraper/skyscraper.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01

Response headers

content-type
text/html
server
Apache
last-modified
Tue, 06 Oct 2020 13:03:27 GMT
etag
"fe-5b1003989c5c0"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-length
186
cache-control
max-age=600
date
Mon, 14 Dec 2020 17:12:14 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
logo-s14f2d943f3.png
www.bahn.de/common/view/static/717674e8/responsive/img/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bahn.de/common/view/static/717674e8/responsive/img/logo-s14f2d943f3.png
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/common/view/static/717674e8/responsive/css/portal.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e1e7590469244308b1f44459fa6a72c070178bec51765a85412dcc4f10bf8b98
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/common/view/static/717674e8/responsive/css/portal.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 17:12:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 Nov 2020 13:42:21 GMT
server
AmazonS3
x-amz-request-id
2F4306E55A59CA36
etag
"3b38479c3b7dc6c6df499e2f50f35fed"
x-frame-options
SAMEORIGIN
x-amz-id-2
Jf/rl/wPetNWSydpyoHfGqqPb2HWxKsQnvBmnXbprNJHtYR71yzw071oKyId2SXx6iQ8htSuI68=
content-type
image/png
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
accept-ranges
bytes
content-length
89457
x-xss-protection
1; mode=block
id
st.bahn.de/ 		48 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://st.bahn.de/id?d_visid_ver=4.6.0&d_fieldgroup=A&mcorgid=5FA50A5953FB37E50A4C98BC%40AdobeOrg&mid=82131286691670141366025046059488186413&ts=1607965934531
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/common/view/static/717674e8/js/lib/omniture/s_code.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
bfff12364729c38871f9dee19351cb474b49d84e2b709b336ea7192e12f9fe92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 14 Dec 2020 17:12:14 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-f7bfdfcfd-vd9r5
vary
Origin
x-c
master-1404.I1e61f9.M0-468
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.bahn.de
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
utag.js
www.bahn.de/media/view/tms/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/media/view/tms/utag.js
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
46a7251d71378a84d38bfc053a871aeffd7a9ac97fa43b865f9fd06aadea1269
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 17:12:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 30 Nov 2020 11:38:43 GMT
server
Apache
etag
"c6ab-5b55173c7b6c0"
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
max-age=2592000
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
14459
x-xss-protection
1; mode=block
getjson.pl
www.bahn.de/pbin/ 		53 KB
53 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bahn.de/pbin/getjson.pl?name=nav_p_urlaub&callback=jQuery111006074876577332697_1607965934500&_=1607965934501
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/common/view/static/717674e8/responsive/js/portal-content.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.12 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-12.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7ad92fe274eb9000e56a075c1d8cc54e546ca8dae6e054257deb403bd0146d67
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 17:12:14 GMT
x-content-type-options
nosniff
x-ep
84
x-amz-request-id
9E3BB746A4ED0318
content-length
53892
x-amz-id-2
UuMuuVPKSlccZKY6H4+s9vOGsU8w5VM7WT0r1/9yueiR3SfchEW8ve5jkMyKd/SKl166V3NwCy4=
last-modified
Sat, 12 Dec 2020 23:23:42 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"87c6f7109d1588f42518e05ea3fbac3c"
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
content-type
text/html
x-xss-protection
1; mode=block
cache-control
max-age=180
content-security-policy
default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
accept-ranges
bytes
s57115552679112
st.bahn.de/b/ss/dbbahnprod/1/JS-2.20.0/ 		43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.bahn.de/b/ss/dbbahnprod/1/JS-2.20.0/s57115552679112?AQB=1&ndh=1&pf=1&t=14%2F11%2F2020%2018%3A12%3A14%201%20-60&mid=82131286691670141366025046059488186413&ce=UTF-8&ns=deutschebahn&cdp=2&pageName=BAHN_PVE_DEU_DE_urlaub_staedtereisen_ameropa-500-punkte&g=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Furlaub%2Fstaedtereisen%2Fameropa_500-punkte.shtml%3Fdbkanal_009%3DL01_S01_D001_KNL0015_%7BTrackingDate%7D-001_%7BplainMailingId%7D-ID4_BuH_LZ01&c.&Rendering=Desktop&Orientierung=Landscape&page_info=0%7C0%2C0x0%2C0x0%2C0%2C&first_page_of_visit=true&dbkanal_009=L01_S01_D001_KNL0015_%7BTrackingDate%7D-001_%7BplainMailingId%7D-ID4_BuH_LZ01&persistent_campaign=L01_S01_D001_KNL0015_%7BTrackingDate%7D-001_%7BplainMailingId%7D-ID4_BuH_LZ01&load_time=3&.c&cc=EUR&ch=BAHN_PVE_DEU_DE&v0=L01_S01_D001_KNL0015_%7BTrackingDate%7D-001_%7BplainMailingId%7D-ID4_BuH_LZ01&events=event45%2Cevent46&c1=D%3Dv0&v1=D%3Dv0&h1=PVE%3Eurlaub%3Estaedtereisen&c4=BAHN_PVE_DEU_DE&v4=BAHN_PVE_DEU_DE&c19=D%3Dv19&v19=L01_S01_D001_KNL0015_%7BTrackingDate%7D-001_%7BplainMailingId%7D-ID4_BuH_LZ01&c22=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Furlaub%2Fstaedtereisen%2Fameropa_500-punkte.shtml&v22=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Furlaub%2Fstaedtereisen%2Fameropa_500-punkte.shtml&c24=D%3DpageName&v24=D%3DpageName&c47=L01_S01_D001_KNL0015_%7BTrackingDate%7D-001_%7BplainMailingId%7D-ID4_BuH_LZ01%3EBAHN_PVE_DEU_DE_urlaub_staedtereisen_ameropa-500-punkte&c69=logout&v69=logout&v74=D%3DpageName&c75=D%3Dv75&v75=https%3A%2F%2Fwww.bahn.de%2Fp%2Fview%2Furlaub%2Fstaedtereisen%2Fameropa_500-punkte.shtml&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FA50A5953FB37E50A4C98BC%40AdobeOrg&AQE=1
Requested by
Host: www.bahn.de
URL: https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-136-106.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bahn.de/p/view/urlaub/staedtereisen/ameropa_500-punkte.shtml?dbkanal_009=L01_S01_D001_KNL0015_{TrackingDate}-001_{plainMailingId}-ID4_BuH_LZ01
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Dec 2020 17:12:14 GMT
x-content-type-options
nosniff
x-c
master-1404.I1e61f9.M0-468
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 15 Dec 2020 17:12:14 GMT
server
jag
xserver
anedge-f7bfdfcfd-6zh6b
etag
3453080549891342336-4621686530992393530
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sun, 13 Dec 2020 17:12:14 GMT

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| DDTools object| digitalData object| bahn object| html5 object| Modernizr number| browserWidth function| createSkyframe object| $jscomp object| breakpoints function| BackToTop function| LanguageSelector function| TabNav function| Gallery function| Stage function| Tabs function| Folder function| Datepicker function| Rangeslider function| ResponsiveImage function| Quickfinder function| QuickfinderAuskunft function| QuickfinderSparpreis function| QuickfinderPuenklichkeit function| LoginForm function| MainNav function| Carousel function| Dropdown function| initMap undefined| gscript object| SCRAMBLE object| CMF function| $ function| jQuery object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley object| Mustache string| view function| onSuccess function| onFailure function| onApiReady string| s_account string| trackingServer string| secureTrackingServer string| visitorNameSpace string| reportSuite function| e string| s_rsaccount object| s number| inHeadTS function| s_getLoadTime function| AppMeasurement_Module_Media function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq object| adobe function| Visitor object| s_c_il number| s_c_in number| s_loadT number| s_objectID number| s_giq function| getCookieValue function| getWebtrackingLoginStatus function| setOmnitureProperties object| utag_data object| jQuery111006074876577332697 undefined| jQuery111006074876577332697_1607965934500 object| cl object| selected_fields boolean| utag_condload object| cart_item undefined| item undefined| verbindung undefined| reiseAbschnitt undefined| index undefined| r undefined| step object| utag boolean| __tealium_twc_switch object| utag_cfg_ovrd function| ParseUserAgent object| gUtil object| s_Obj string| s_PPVid function| s_PPVevent number| s_PPVi number| s_PPVt string| max_initial_percent string| screen_res string| browser_dim number| pixel_dens string| device_ort object| optimizely object| s_i_dbbahnprod

11 Cookies

Domain/Path Name / Value
.bahn.de/ Name: s_ppv
Value: BAHN_PVE_DEU_DE_urlaub_staedtereisen_ameropa-500-punkte%2C53%2C53%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.bahn.de/ Name: AMCV_5FA50A5953FB37E50A4C98BC%40AdobeOrg
Value: -408604571%7CMCIDTS%7C18611%7CMCMID%7C82131286691670141366025046059488186413%7CMCAID%7CNONE%7CMCOPTOUT-1607973134s%7CNONE%7CvVersion%7C4.6.0
.bahn.de/ Name: AMCVS_5FA50A5953FB37E50A4C98BC%40AdobeOrg
Value: 1
.bahn.de/ Name: s_ppvl
Value: BAHN_PVE_DEU_DE_urlaub_staedtereisen_ameropa-500-punkte%2C53%2C53%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.bahn.de/ Name: s_cc
Value: true
.bahn.de/ Name: sc_pcmp
Value: L01_S01_D001_KNL0015_%7BTrackingDate%7D-001_%7BplainMailingId%7D-ID4_BuH_LZ01
.bahn.de/ Name: sc_vis
Value: true
.bahn.de/ Name: sc_var19
Value: L01_S01_D001_KNL0015_%7BTrackingDate%7D-001_%7BplainMailingId%7D-ID4_BuH_LZ01
.bahn.de/ Name: s_ecid
Value: MCMID%7C82131286691670141366025046059488186413
.bahn.de/ Name: utag_main
Value: v_id:0176623d04f7000f95ea5e34a86700078009a07000b08$_sn:1$_se:1$_ss:1$_st:1607967734840$ses_id:1607965934840%3Bexp-session$_pn:1%3Bexp-session
.bahn.de/ Name: bahn-cmf
Value: dbkanal_009%7CL01_S01_D001_KNL0015_

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https:; script-src * blob: 'unsafe-inline' 'unsafe-eval' https://*.m-pathy.com; style-src 'self' 'unsafe-inline'; img-src https: data:; font-src 'self' data:; media-src https: http: blob: 'self' hdshlsdbbahn-vh.akamaihd.net; connect-src 'self' https: wss://*.m-pathy.com
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

m.exactag.com
mailing.bahn.de
st.bahn.de
www.bahn.de
www.static-bahn.de
104.111.219.12
15.237.136.106
193.169.180.193
2.16.186.186
85.14.248.91
09cd6e2e4909e4ec15b7ca38adbff5b37405b4347b1ce0d7b977aee46b005377
1d0492fd459e32494885cacf2f1648326fb81138caa25940c60e00d0f942c3fb
298669d559f331c5ac67d881d450cea831ca81576e88cb4663cc315dc91444c7
2c2fa5c5ef6a4b1ffc0380550bdb197b56ac13c0ea72c7cc23d0eaa871067d7d
2d47dd07cd116fce4a58ea5ce7aa349bf5904de7f30d69e131cf4f7be3b088d1
46a7251d71378a84d38bfc053a871aeffd7a9ac97fa43b865f9fd06aadea1269
497f6b16919e66b3322095e9253545542296cf6046c27c0f4d78bdb2a55dee81
57411817a143622eed003cea060d984b2762a4f8f59031aca3e31d41482bf81e
7ad92fe274eb9000e56a075c1d8cc54e546ca8dae6e054257deb403bd0146d67
80b6cddf0813c60adc04215ec021fd69a1e5fbe90d3693516e607fa8e20ad206
8911946c6ec554bd9367e2af77ff0e90ee0d7c35ff8eb2d682dee1181761be10
9bd75d01213161905c0278231326126f5066ae7753e9b492b999417e0c2cfbef
a009bf98437ed2e896bfc56f9838b6ca83aac7f96989e971dbc6ad2ccc49b572
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a231b219fd33beeca8baa0abecbb684d31fe0d154a25a092510d607a38637ea8
a39881eeb2cc948083b29f436b57600451670f1d10e390306af0693d2eb44f74
a970c25a89029bbcd47c332e48f070be62c61b8e16bc56f77ea807536d80b01f
bfff12364729c38871f9dee19351cb474b49d84e2b709b336ea7192e12f9fe92
da1617a9a8adfeacee06c6271bcc53eb9017109ad3e1125488d676190dc5affe
de3c7d494d078ccdc4f052f4c99302afa89b505682c7b19743a2ad87274fd257
e1e7590469244308b1f44459fa6a72c070178bec51765a85412dcc4f10bf8b98
e5e2c4c5288a46af5b587fe4b6ed5c881dfc8faaf4d76a08c5c2c5fcd74238b3