Submitted URL: https://webapp.berlinghof-it-services.de/
Effective URL: https://sso.berlinghof-it-services.de/realms/bits-and-more/protocol/openid-connect/auth?client_id=webapp&redirect_uri=https%3A%2F%2Fwe...
Submission: On September 01 via automatic, source certstream-suspicious — Scanned from IT

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 18 HTTP transactions. The main IP is 95.208.222.25, located in Karlsruhe, Germany and belongs to VODANET International IP-Backbone of Vodafone, DE. The main domain is sso.berlinghof-it-services.de.
TLS certificate: Issued by R11 on August 18th 2024. Valid for: 3 months.
This is the only time sso.berlinghof-it-services.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 95.208.222.25 3209 (VODANET I...)
18 2
Domain Requested by
13 sso.berlinghof-it-services.de webapp.berlinghof-it-services.de
sso.berlinghof-it-services.de
4 webapp.berlinghof-it-services.de webapp.berlinghof-it-services.de
18 2

This site contains no links.

Subject Issuer Validity Valid
webapp.berlinghof-it-services.de
R11
2024-09-01 -
2024-11-30
3 months crt.sh
sso.berlinghof-it-services.de
R11
2024-08-18 -
2024-11-16
3 months crt.sh

This page contains 2 frames:

Primary Page: https://sso.berlinghof-it-services.de/realms/bits-and-more/protocol/openid-connect/auth?client_id=webapp&redirect_uri=https%3A%2F%2Fwebapp.berlinghof-it-services.de%2F&state=8400f2d7-5196-4fe7-8351-5b3bbdedb9e1&response_mode=fragment&response_type=code&scope=openid&nonce=d59409e3-2d09-4655-aa5f-5b51f5300474
Frame ID: 49E2D9F43963F8E7ED9DF2550623F597
Requests: 16 HTTP requests in this frame

Frame: https://sso.berlinghof-it-services.de/realms/bits-and-more/protocol/openid-connect/3p-cookies/step2.html
Frame ID: 9422E7722EBDE6B2EE50AD1758FE871B
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Anmeldung bei BITS & more

Page URL History Show full URLs

  1. https://webapp.berlinghof-it-services.de/ Page URL
  2. https://sso.berlinghof-it-services.de/realms/bits-and-more/protocol/openid-connect/auth?client_id=webapp&redirect_... Page URL

Page Statistics

18
Requests

94 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

2408 kB
Transfer

3757 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://webapp.berlinghof-it-services.de/ Page URL
  2. https://sso.berlinghof-it-services.de/realms/bits-and-more/protocol/openid-connect/auth?client_id=webapp&redirect_uri=https%3A%2F%2Fwebapp.berlinghof-it-services.de%2F&state=8400f2d7-5196-4fe7-8351-5b3bbdedb9e1&response_mode=fragment&response_type=code&scope=openid&nonce=d59409e3-2d09-4655-aa5f-5b51f5300474 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
webapp.berlinghof-it-services.de/
867 B
1 KB
Document
General
Full URL
https://webapp.berlinghof-it-services.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.208.222.25 Karlsruhe, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE),
Reverse DNS
ip-095-208-222-025.um33.pools.vodafone-ip.de
Software
nginx/1.23.4 / Express
Resource Hash
56409cb73f32e9a967aff7d96e7e389afbceff0bd3f3e0cd9df7ac268ab3fc23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
public, max-age=0
content-length
867
content-type
text/html; charset=UTF-8
date
Sun, 01 Sep 2024 11:02:59 GMT
etag
W/"363-191ad355fd0"
last-modified
Sun, 01 Sep 2024 10:50:42 GMT
server
nginx/1.23.4
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-powered-by
Express
index-85f846ea.js
webapp.berlinghof-it-services.de/assets/
1005 KB
283 KB
Script
General
Full URL
https://webapp.berlinghof-it-services.de/assets/index-85f846ea.js
Requested by
Host: webapp.berlinghof-it-services.de
URL: https://webapp.berlinghof-it-services.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.208.222.25 Karlsruhe, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE),
Reverse DNS
ip-095-208-222-025.um33.pools.vodafone-ip.de
Software
nginx/1.23.4 / Express
Resource Hash
a480a8c73321dc79a8f7482b36f2e0522e47f680d67783fb432b42cf15967184
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://webapp.berlinghof-it-services.de/
Origin
https://webapp.berlinghof-it-services.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 11:02:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 01 Sep 2024 10:50:42 GMT
server
nginx/1.23.4
x-powered-by
Express
etag
W/"fb3bc-191ad355fd0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
index-4c2fd732.css
webapp.berlinghof-it-services.de/assets/
741 KB
107 KB
Stylesheet
General
Full URL
https://webapp.berlinghof-it-services.de/assets/index-4c2fd732.css
Requested by
Host: webapp.berlinghof-it-services.de
URL: https://webapp.berlinghof-it-services.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.208.222.25 Karlsruhe, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE),
Reverse DNS
ip-095-208-222-025.um33.pools.vodafone-ip.de
Software
nginx/1.23.4 / Express
Resource Hash
4c2fd732fbed5ff088c58fd4b9f72d2b13f7b709ef6561c977a7af273cd3bb8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://webapp.berlinghof-it-services.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 11:02:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 01 Sep 2024 10:50:42 GMT
server
nginx/1.23.4
x-powered-by
Express
etag
W/"b9473-191ad355fd0"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
registerSW.js
webapp.berlinghof-it-services.de/
134 B
395 B
Script
General
Full URL
https://webapp.berlinghof-it-services.de/registerSW.js
Requested by
Host: webapp.berlinghof-it-services.de
URL: https://webapp.berlinghof-it-services.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.208.222.25 Karlsruhe, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE),
Reverse DNS
ip-095-208-222-025.um33.pools.vodafone-ip.de
Software
nginx/1.23.4 / Express
Resource Hash
9742073ef7fc795e7673d98f272992843298426a0ffd8cb3507784df5143608b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://webapp.berlinghof-it-services.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 11:02:59 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 01 Sep 2024 10:50:42 GMT
server
nginx/1.23.4
x-powered-by
Express
etag
W/"86-191ad355fd0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
content-length
134
step1.html
sso.berlinghof-it-services.de/realms/bits-and-more/protocol/openid-connect/3p-cookies/ Frame 9422
2 KB
3 KB
Document
General
Full URL
https://sso.berlinghof-it-services.de/realms/bits-and-more/protocol/openid-connect/3p-cookies/step1.html
Requested by
Host: webapp.berlinghof-it-services.de
URL: https://webapp.berlinghof-it-services.de/assets/index-85f846ea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.208.222.25 Karlsruhe, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE),
Reverse DNS
ip-095-208-222-025.um33.pools.vodafone-ip.de
Software
nginx/1.23.4 /
Resource Hash
4080ffc9ca89666f1492cd9742da52ad6e56bd36191233f9d17f64f1610c22f8
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://webapp.berlinghof-it-services.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, must-revalidate, no-transform, no-store
content-length
2318
content-security-policy
frame-src 'self'; object-src 'none';
content-type
text/html;charset=utf-8
date
Sun, 01 Sep 2024 11:03:01 GMT
referrer-policy
no-referrer
server
nginx/1.23.4
strict-transport-security
max-age=31536000; includeSubDomains max-age=31536000
x-content-type-options
nosniff
x-robots-tag
none
x-xss-protection
1; mode=block
step2.html
sso.berlinghof-it-services.de/realms/bits-and-more/protocol/openid-connect/3p-cookies/ Frame 9422
686 B
1 KB
Document
General
Full URL
https://sso.berlinghof-it-services.de/realms/bits-and-more/protocol/openid-connect/3p-cookies/step2.html
Requested by
Host: sso.berlinghof-it-services.de
URL: https://sso.berlinghof-it-services.de/realms/bits-and-more/protocol/openid-connect/3p-cookies/step1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.208.222.25 Karlsruhe, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE),
Reverse DNS
ip-095-208-222-025.um33.pools.vodafone-ip.de
Software
nginx/1.23.4 /
Resource Hash
27abff3edf4192d73c66f42fe9a773358b54c46a38afaa5f1cfe1753f68415eb
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, must-revalidate, no-transform, no-store
content-length
686
content-security-policy
frame-src 'self'; object-src 'none';
content-type
text/html;charset=utf-8
date
Sun, 01 Sep 2024 11:03:01 GMT
referrer-policy
no-referrer
server
nginx/1.23.4
strict-transport-security
max-age=31536000; includeSubDomains max-age=31536000
x-content-type-options
nosniff
x-robots-tag
none
x-xss-protection
1; mode=block
Primary Request auth
sso.berlinghof-it-services.de/realms/bits-and-more/protocol/openid-connect/
5 KB
7 KB
Document
General
Full URL
https://sso.berlinghof-it-services.de/realms/bits-and-more/protocol/openid-connect/auth?client_id=webapp&redirect_uri=https%3A%2F%2Fwebapp.berlinghof-it-services.de%2F&state=8400f2d7-5196-4fe7-8351-5b3bbdedb9e1&response_mode=fragment&response_type=code&scope=openid&nonce=d59409e3-2d09-4655-aa5f-5b51f5300474
Requested by
Host: webapp.berlinghof-it-services.de
URL: https://webapp.berlinghof-it-services.de/assets/index-85f846ea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.208.222.25 Karlsruhe, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE),
Reverse DNS
ip-095-208-222-025.um33.pools.vodafone-ip.de
Software
nginx/1.23.4 /
Resource Hash
89463cd1477d5aa9787f032a40de9fbcfacb4b2123bb36817474000faa25e407
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://webapp.berlinghof-it-services.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-store, must-revalidate, max-age=0
content-language
de
content-length
5446
content-security-policy
frame-src 'self'; frame-ancestors 'self'; object-src 'none';
content-type
text/html;charset=utf-8
date
Sun, 01 Sep 2024 11:03:01 GMT
referrer-policy
no-referrer
server
nginx/1.23.4
strict-transport-security
max-age=31536000; includeSubDomains max-age=31536000
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
none
x-xss-protection
1; mode=block
favicon.ico
webapp.berlinghof-it-services.de/
0
0

patternfly.min.css
sso.berlinghof-it-services.de/resources/fiurb/common/keycloak/node_modules/@patternfly/patternfly/
1 MB
1 MB
Stylesheet
General
Full URL
https://sso.berlinghof-it-services.de/resources/fiurb/common/keycloak/node_modules/@patternfly/patternfly/patternfly.min.css
Requested by
Host: sso.berlinghof-it-services.de
URL: https://sso.berlinghof-it-services.de/realms/bits-and-more/protocol/openid-connect/auth?client_id=webapp&redirect_uri=https%3A%2F%2Fwebapp.berlinghof-it-services.de%2F&state=8400f2d7-5196-4fe7-8351-5b3bbdedb9e1&response_mode=fragment&response_type=code&scope=openid&nonce=d59409e3-2d09-4655-aa5f-5b51f5300474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.208.222.25 Karlsruhe, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE),
Reverse DNS
ip-095-208-222-025.um33.pools.vodafone-ip.de
Software
nginx/1.23.4 /
Resource Hash
fe821fa52ccab3b70d9c1a024bb0cbfcf52c0fcc1ef96200035a4b749e2c3d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 11:03:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx/1.23.4
content-type
text/css
cache-control
no-cache
x-xss-protection
1; mode=block
patternfly.min.css
sso.berlinghof-it-services.de/resources/fiurb/common/keycloak/node_modules/patternfly/dist/css/
178 KB
179 KB
Stylesheet
General
Full URL
https://sso.berlinghof-it-services.de/resources/fiurb/common/keycloak/node_modules/patternfly/dist/css/patternfly.min.css
Requested by
Host: sso.berlinghof-it-services.de
URL: https://sso.berlinghof-it-services.de/realms/bits-and-more/protocol/openid-connect/auth?client_id=webapp&redirect_uri=https%3A%2F%2Fwebapp.berlinghof-it-services.de%2F&state=8400f2d7-5196-4fe7-8351-5b3bbdedb9e1&response_mode=fragment&response_type=code&scope=openid&nonce=d59409e3-2d09-4655-aa5f-5b51f5300474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.208.222.25 Karlsruhe, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE),
Reverse DNS
ip-095-208-222-025.um33.pools.vodafone-ip.de
Software
nginx/1.23.4 /
Resource Hash
acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 11:03:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx/1.23.4
content-type
text/css
cache-control
no-cache
x-xss-protection
1; mode=block
patternfly-additions.min.css
sso.berlinghof-it-services.de/resources/fiurb/common/keycloak/node_modules/patternfly/dist/css/
220 KB
220 KB
Stylesheet
General
Full URL
https://sso.berlinghof-it-services.de/resources/fiurb/common/keycloak/node_modules/patternfly/dist/css/patternfly-additions.min.css
Requested by
Host: sso.berlinghof-it-services.de
URL: https://sso.berlinghof-it-services.de/realms/bits-and-more/protocol/openid-connect/auth?client_id=webapp&redirect_uri=https%3A%2F%2Fwebapp.berlinghof-it-services.de%2F&state=8400f2d7-5196-4fe7-8351-5b3bbdedb9e1&response_mode=fragment&response_type=code&scope=openid&nonce=d59409e3-2d09-4655-aa5f-5b51f5300474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.208.222.25 Karlsruhe, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE),
Reverse DNS
ip-095-208-222-025.um33.pools.vodafone-ip.de
Software
nginx/1.23.4 /
Resource Hash
2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 11:03:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx/1.23.4
content-type
text/css
cache-control
no-cache
x-xss-protection
1; mode=block
pficon.css
sso.berlinghof-it-services.de/resources/fiurb/common/keycloak/lib/pficon/
540 B
783 B
Stylesheet
General
Full URL
https://sso.berlinghof-it-services.de/resources/fiurb/common/keycloak/lib/pficon/pficon.css
Requested by
Host: sso.berlinghof-it-services.de
URL: https://sso.berlinghof-it-services.de/realms/bits-and-more/protocol/openid-connect/auth?client_id=webapp&redirect_uri=https%3A%2F%2Fwebapp.berlinghof-it-services.de%2F&state=8400f2d7-5196-4fe7-8351-5b3bbdedb9e1&response_mode=fragment&response_type=code&scope=openid&nonce=d59409e3-2d09-4655-aa5f-5b51f5300474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.208.222.25 Karlsruhe, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE),
Reverse DNS
ip-095-208-222-025.um33.pools.vodafone-ip.de
Software
nginx/1.23.4 /
Resource Hash
d84235c3a967dfe986e6bee6955bccbe3829feb6a823000385918aa0c312e5c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 11:03:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx/1.23.4
content-type
text/css
cache-control
no-cache
content-length
540
x-xss-protection
1; mode=block
login.css
sso.berlinghof-it-services.de/resources/fiurb/login/keycloak/css/
10 KB
10 KB
Stylesheet
General
Full URL
https://sso.berlinghof-it-services.de/resources/fiurb/login/keycloak/css/login.css
Requested by
Host: sso.berlinghof-it-services.de
URL: https://sso.berlinghof-it-services.de/realms/bits-and-more/protocol/openid-connect/auth?client_id=webapp&redirect_uri=https%3A%2F%2Fwebapp.berlinghof-it-services.de%2F&state=8400f2d7-5196-4fe7-8351-5b3bbdedb9e1&response_mode=fragment&response_type=code&scope=openid&nonce=d59409e3-2d09-4655-aa5f-5b51f5300474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.208.222.25 Karlsruhe, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE),
Reverse DNS
ip-095-208-222-025.um33.pools.vodafone-ip.de
Software
nginx/1.23.4 /
Resource Hash
0cff0387c1f69c5a65d2db2cea542dad0890990d490d03b723a848556541d9c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 11:03:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx/1.23.4
content-type
text/css
cache-control
no-cache
x-xss-protection
1; mode=block
authChecker.js
sso.berlinghof-it-services.de/resources/fiurb/login/keycloak/js/
2 KB
2 KB
Script
General
Full URL
https://sso.berlinghof-it-services.de/resources/fiurb/login/keycloak/js/authChecker.js
Requested by
Host: webapp.berlinghof-it-services.de
URL: https://webapp.berlinghof-it-services.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.208.222.25 Karlsruhe, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE),
Reverse DNS
ip-095-208-222-025.um33.pools.vodafone-ip.de
Software
nginx/1.23.4 /
Resource Hash
be91b2216acb6673f2afbeedbcf39aef1535899b9963134c3048303db7ea5557
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://sso.berlinghof-it-services.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 11:03:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx/1.23.4
content-type
text/javascript
cache-control
no-cache
content-length
1823
x-xss-protection
1; mode=block
keycloak-bg.png
sso.berlinghof-it-services.de/resources/fiurb/login/keycloak/img/
80 KB
80 KB
Image
General
Full URL
https://sso.berlinghof-it-services.de/resources/fiurb/login/keycloak/img/keycloak-bg.png
Requested by
Host: sso.berlinghof-it-services.de
URL: https://sso.berlinghof-it-services.de/resources/fiurb/login/keycloak/css/login.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.208.222.25 Karlsruhe, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE),
Reverse DNS
ip-095-208-222-025.um33.pools.vodafone-ip.de
Software
nginx/1.23.4 /
Resource Hash
0825175291be11f7689e8718295e422bb6fa4f8fefccc5610292b720c701ac4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 11:03:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx/1.23.4
content-type
image/png
cache-control
no-cache
x-xss-protection
1; mode=block
OpenSans-Regular-webfont.woff2
sso.berlinghof-it-services.de/resources/fiurb/common/keycloak/node_modules/patternfly/dist/fonts/
61 KB
61 KB
Font
General
Full URL
https://sso.berlinghof-it-services.de/resources/fiurb/common/keycloak/node_modules/patternfly/dist/fonts/OpenSans-Regular-webfont.woff2
Requested by
Host: sso.berlinghof-it-services.de
URL: https://sso.berlinghof-it-services.de/resources/fiurb/common/keycloak/node_modules/patternfly/dist/css/patternfly.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.208.222.25 Karlsruhe, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE),
Reverse DNS
ip-095-208-222-025.um33.pools.vodafone-ip.de
Software
nginx/1.23.4 /
Resource Hash
3cfb28778895d6adca324710b2000c6e15ef5a7b88d461f39b29ff6fb877b778
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://sso.berlinghof-it-services.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 11:03:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx/1.23.4
content-type
application/octet-stream
cache-control
no-cache
x-xss-protection
1; mode=block
OpenSans-Light-webfont.woff2
sso.berlinghof-it-services.de/resources/fiurb/common/keycloak/node_modules/patternfly/dist/fonts/
62 KB
62 KB
Font
General
Full URL
https://sso.berlinghof-it-services.de/resources/fiurb/common/keycloak/node_modules/patternfly/dist/fonts/OpenSans-Light-webfont.woff2
Requested by
Host: sso.berlinghof-it-services.de
URL: https://sso.berlinghof-it-services.de/resources/fiurb/common/keycloak/node_modules/patternfly/dist/css/patternfly.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.208.222.25 Karlsruhe, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE),
Reverse DNS
ip-095-208-222-025.um33.pools.vodafone-ip.de
Software
nginx/1.23.4 /
Resource Hash
19edd2b018063320559188548b225aa63914bbc90fb756bc26872db1669e89f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://sso.berlinghof-it-services.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 11:03:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx/1.23.4
content-type
application/octet-stream
cache-control
no-cache
x-xss-protection
1; mode=block
favicon.ico
sso.berlinghof-it-services.de/resources/fiurb/login/keycloak/img/
627 B
880 B
Other
General
Full URL
https://sso.berlinghof-it-services.de/resources/fiurb/login/keycloak/img/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.208.222.25 Karlsruhe, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE),
Reverse DNS
ip-095-208-222-025.um33.pools.vodafone-ip.de
Software
nginx/1.23.4 /
Resource Hash
47dcf1f1a8f1afd68297a294a263849069a7a62b2e86550241416c2cc56c5676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 11:03:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
referrer-policy
no-referrer
x-content-type-options
nosniff
server
nginx/1.23.4
content-type
application/octet-stream
cache-control
no-cache
content-length
627
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
webapp.berlinghof-it-services.de
URL
https://webapp.berlinghof-it-services.de/favicon.ico

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
sso.berlinghof-it-services.de/realms/bits-and-more/ Name: AUTH_SESSION_ID
Value: 354692b9-ff00-4251-92ce-aabbd2581ed8.c23448f44d32-51699
sso.berlinghof-it-services.de/realms/bits-and-more/ Name: AUTH_SESSION_ID_LEGACY
Value: 354692b9-ff00-4251-92ce-aabbd2581ed8.c23448f44d32-51699
sso.berlinghof-it-services.de/realms/bits-and-more/ Name: KC_RESTART
Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI5MTQ5ZDU3Yi1lMGM1LTQ0NWEtOTE5Zi0zYWM3ZmVmODNlN2UifQ.eyJjaWQiOiJ3ZWJhcHAiLCJwdHkiOiJvcGVuaWQtY29ubmVjdCIsInJ1cmkiOiJodHRwczovL3dlYmFwcC5iZXJsaW5naG9mLWl0LXNlcnZpY2VzLmRlLyIsImFjdCI6IkFVVEhFTlRJQ0FURSIsIm5vdGVzIjp7InNjb3BlIjoib3BlbmlkIiwiaXNzIjoiaHR0cHM6Ly9zc28uYmVybGluZ2hvZi1pdC1zZXJ2aWNlcy5kZS9yZWFsbXMvYml0cy1hbmQtbW9yZSIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6Ly93ZWJhcHAuYmVybGluZ2hvZi1pdC1zZXJ2aWNlcy5kZS8iLCJzdGF0ZSI6Ijg0MDBmMmQ3LTUxOTYtNGZlNy04MzUxLTViM2JiZGVkYjllMSIsIm5vbmNlIjoiZDU5NDA5ZTMtMmQwOS00NjU1LWFhNWYtNWI1MWY1MzAwNDc0IiwicmVzcG9uc2VfbW9kZSI6ImZyYWdtZW50In19.3u-JvWe-7bmVGEZ7vsaY2OZZQL5LI8jakXx139UeWvc

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000