dbregiobus-bawue.de
HTML metadata
Technology
- CDN
- Akamai
Third-party hosts loaded (1)
- assets.static-bahn.de×21
Registration
- Updated
- 2025-12-09
- Name servers
-
- ns1.eurodns.com.
- ns2.eurodns.com.
- ns3.eurodns.com.
- ns4.eurodns.com.
DNS records live
- NS
-
- ns1.eurodns.com
- ns2.eurodns.com
- ns3.eurodns.com
- ns4.eurodns.com
- Verified for
-
Email authentication no MX
- SPF
- not published
- DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current) wrong cert
Amazon RSA 2048 M04
Expires in 160 days
HTTP security headers
- present
-
- strict-transport-security
- content-security-policy
- x-frame-options
- x-content-type-options
- findings
-
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing Referrer Policy
- missing Permissions Policy
Header values
- x-frame-options
sameorigin- x-content-type-options
nosniff- content-security-policy
default-src 'self'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://sdk.token.logpay.de https://*.payone.com https://maps.googleapis.com blob: https://www.jsctool.com https://jsctool.com https://*.optimizely.com https://secure.pay1.de https://dbpayment.deutschebahn.com https://payment.deutschebahn.com https://www.img-bahn.de https://cms.static-bahn.de https://cms.static-bahn.de https://cdn.m-pathy.com https://dmp.adform.net https://zn0lxkzethotizctx-bahn.siteintercept.qualtrics.com https://*.adform.net https://m.exactag.com https://siteintercept.qualtrics.com https://*.bahn.de https://*.bahn.com https://app.crossengage.io https://ucm-eu.verint-cdn.com https://*.go-mpulse.net; connect-src 'self' https://maps.googleapis.com https://mapsresources-pa.googleapis.com https://www.gstatic.com data: blob: https://p11.techlab-cdn.com https://www.jsctool.com https://- strict-transport-security
max-age=16070400; includeSubDomains