demo.oncademy.de Open in urlscan Pro
80.190.64.127 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://demo.oncademy.de/users/sign_in
Submission: On March 02 via manual (March 2nd 2023, 3:04:37 pm UTC) from DE — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 80.190.64.127, located in Germany and belongs to IPX-AS15598, DE. The main domain is demo.oncademy.de.
TLS certificate: Issued by R3 on January 9th 2023. Valid for: 3 months.

This is the only time demo.oncademy.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	80.190.64.127 80.190.64.127	15598 (IPX-AS15598) (IPX-AS15598)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
8	3

6 80.190.64.127 (Germany)

ASN15598 (IPX-AS15598, DE)

demo.oncademy.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	oncademy.de demo.oncademy.de	1 MB
2	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 747	97 B
8	2

	Domain	Requested by
6	demo.oncademy.de	demo.oncademy.de
2	sessions.bugsnag.com	demo.oncademy.de
8	2

This site contains no links.

Subject Issuer	Validity	Valid
*.oncademy.de R3	`2023-01-09` - `2023-04-09`	3 months	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-26` - `2023-04-26`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://demo.oncademy.de/users/sign_in
Frame ID: EEA3A0CDD291DA93E6F191B509CB577B
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PINKTUM

Detected technologies

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

/bugsnag.*\.js

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1308 kB
Transfer

3993 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request sign_in Show response
demo.oncademy.de/users/ 6 KB
4 KB 241ms
88ms Document
text/html 80.190.64.127
IPX-AS15598

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.oncademy.de/users/sign_in

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

80.190.64.127 , Germany, ASN15598 (IPX-AS15598, DE),

Reverse DNS

Software

Resource Hash

9238bdf39360e7df9d172f5a81a095f952fc2e0896500d91ef6d2503c4634e10

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' .bugsnag.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.youtube.com https://s.ytimg.com https://player.vimeo.com; img-src 'self' data:; style-src 'self' 'unsafe-inline'; media-src blob:; frame-src 'self' https://www.youtube.com/ https://www.youtube-nocookie.com/ https://player.vimeo.com/ https://helpdesk.herdt.com/
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self'; connect-src 'self' *.bugsnag.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.youtube.com https://s.ytimg.com https://player.vimeo.com; img-src 'self' data:; style-src 'self' 'unsafe-inline'; media-src * blob:; frame-src 'self' https://www.youtube.com/ https://www.youtube-nocookie.com/ https://player.vimeo.com/ https://helpdesk.herdt.com/
content-type: text/html; charset=utf-8
date: Thu, 02 Mar 2023 15:04:32 GMT
etag: W/"9238bdf39360e7df9d172f5a81a095f9"
link: </assets/application-ad84cd5093f5dd1d11ff0c82b8f6f984448f0c7b4da1ec188f8471bef0affd92.css>; rel=preload; as=style; nopush
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: a7f77320-2626-4cdb-b7cb-497096b073e9
x-xss-protection: 1; mode=block

GET
H2 200 application-ad84cd5093f5dd1d11ff0c82b8f6f984448f0c7b4da1ec188f8471bef0affd92.css
demo.oncademy.de/assets/ 277 KB
42 KB 79ms
79ms Stylesheet
text/css 80.190.64.127
IPX-AS15598

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.oncademy.de/assets/application-ad84cd5093f5dd1d11ff0c82b8f6f984448f0c7b4da1ec188f8471bef0affd92.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

80.190.64.127 , Germany, ASN15598 (IPX-AS15598, DE),

Reverse DNS

Software

Resource Hash

66b03a0edbe67c2685c607464f1c19f0a827f9544c52e54a826cc5ccce1d953e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo.oncademy.de/users/sign_in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Dec 2022 11:24:32 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000, public
content-length: 43100
x-xss-protection: 1; mode=block
expires: Fri, 01 Mar 2024 15:04:32 GMT

GET
H2 200 application-964c53572fa5449c49be55e5312909d0f30a1a4260d545b174c1094c5389ddc6.js Show response
demo.oncademy.de/assets/ 3 MB
1 MB 118ms
118ms Script
application/javascript 80.190.64.127
IPX-AS15598

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.oncademy.de/assets/application-964c53572fa5449c49be55e5312909d0f30a1a4260d545b174c1094c5389ddc6.js

Requested by

Host: demo.oncademy.de
URL: https://demo.oncademy.de/users/sign_in

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

80.190.64.127 , Germany, ASN15598 (IPX-AS15598, DE),

Reverse DNS

Software

Resource Hash

c3ecc759cb4bb870fff5c40d1b58a246ae8d0ecbbfce36c90bfe1102b600e86c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo.oncademy.de/users/sign_in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Dec 2022 11:24:32 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
content-length: 1091631
x-xss-protection: 1; mode=block
expires: Fri, 01 Mar 2024 15:04:32 GMT

GET
H2 200 bugsnag-fbe45fb0b9480c45ea8a8ad95dd404fa80e08a97faa5dad7a3908162ca49fdba.js Show response
demo.oncademy.de/assets/ 44 KB
14 KB 103ms
102ms Script
application/javascript 80.190.64.127
IPX-AS15598

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.oncademy.de/assets/bugsnag-fbe45fb0b9480c45ea8a8ad95dd404fa80e08a97faa5dad7a3908162ca49fdba.js

Requested by

Host: demo.oncademy.de
URL: https://demo.oncademy.de/users/sign_in

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

80.190.64.127 , Germany, ASN15598 (IPX-AS15598, DE),

Reverse DNS

Software

Resource Hash

6312a5a07e380afb4afed6c90598ed38e3e3f62b1cbaaf8a2dbb858c83d6787c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo.oncademy.de/users/sign_in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:04:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Dec 2022 11:24:32 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
content-length: 14236
x-xss-protection: 1; mode=block
expires: Fri, 01 Mar 2024 15:04:32 GMT

GET
H2 200 medium_center-c2a993acf92bac0bfddc9a00e2874c18.png
demo.oncademy.de/ci/accountstyle/4/brand_logo/ 4 KB
4 KB 103ms
102ms Image
image/png 80.190.64.127
IPX-AS15598

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://demo.oncademy.de/ci/accountstyle/4/brand_logo/medium_center-c2a993acf92bac0bfddc9a00e2874c18.png

Requested by

Host: demo.oncademy.de
URL: https://demo.oncademy.de/users/sign_in

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

80.190.64.127 , Germany, ASN15598 (IPX-AS15598, DE),

Reverse DNS

Software

Resource Hash

3d704943c5fe7aac4ebd9af9a623ffb081800be8c0559e60ab2258ae886e922e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo.oncademy.de/users/sign_in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:04:32 GMT
strict-transport-security: max-age=15768000
last-modified: Sat, 19 Nov 2022 14:35:59 GMT
content-length: 4317
content-type: image/png

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 886ca2959c549037334614e80d5f85baab47913d0a692346329cc9a590925e42

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 806 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 622fc5d3928bcb2c37c66e903079fa2d282402a670f184cb29f0935266a729a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 medium-961ab6944394114b0ea87efe92ca8fd6.png
demo.oncademy.de/ci/accountstyle/4/lp_photo/ 176 KB
176 KB 109ms
108ms Image
image/png 80.190.64.127
IPX-AS15598

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://demo.oncademy.de/ci/accountstyle/4/lp_photo/medium-961ab6944394114b0ea87efe92ca8fd6.png

Requested by

Host: demo.oncademy.de
URL: https://demo.oncademy.de/users/sign_in

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

80.190.64.127 , Germany, ASN15598 (IPX-AS15598, DE),

Reverse DNS

Software

Resource Hash

c0e04816c12924949ef6baf10f91d25fc31f55896536d7110f2f170834f1d707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo.oncademy.de/users/sign_in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:04:32 GMT
strict-transport-security: max-age=15768000
last-modified: Mon, 21 Nov 2022 13:39:25 GMT
content-length: 179801
content-type: image/png

OPTIONS
H2 200 /
sessions.bugsnag.com/ 0
0 324ms
186ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://demo.oncademy.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 02 Mar 2023 15:04:32 GMT
via: 1.1 google

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
97 B 182ms
181ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: demo.oncademy.de
URL: https://demo.oncademy.de/assets/bugsnag-fbe45fb0b9480c45ea8a8ad95dd404fa80e08a97faa5dad7a3908162ca49fdba.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://demo.oncademy.de/
Bugsnag-Sent-At: 2023-03-02T15:04:32.733Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: 2df5846c3a69f02bf5c0ee6269389c96
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 02 Mar 2023 15:04:33 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			demo.oncademy.de/	1970-01-20 10:02:51	Name: _tbs_session Value: dc1f2184eb93e031a4c94082a76fbd55

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' .bugsnag.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.youtube.com https://s.ytimg.com https://player.vimeo.com; img-src 'self' data:; style-src 'self' 'unsafe-inline'; media-src blob:; frame-src 'self' https://www.youtube.com/ https://www.youtube-nocookie.com/ https://player.vimeo.com/ https://helpdesk.herdt.com/
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

demo.oncademy.de
sessions.bugsnag.com
2600:1901:0:7a0b::
80.190.64.127
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
3d704943c5fe7aac4ebd9af9a623ffb081800be8c0559e60ab2258ae886e922e
622fc5d3928bcb2c37c66e903079fa2d282402a670f184cb29f0935266a729a6
6312a5a07e380afb4afed6c90598ed38e3e3f62b1cbaaf8a2dbb858c83d6787c
66b03a0edbe67c2685c607464f1c19f0a827f9544c52e54a826cc5ccce1d953e
886ca2959c549037334614e80d5f85baab47913d0a692346329cc9a590925e42
9238bdf39360e7df9d172f5a81a095f952fc2e0896500d91ef6d2503c4634e10
c0e04816c12924949ef6baf10f91d25fc31f55896536d7110f2f170834f1d707
c3ecc759cb4bb870fff5c40d1b58a246ae8d0ecbbfce36c90bfe1102b600e86c

demo.oncademy.de Open in urlscan Pro 80.190.64.127 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

1308 kBTransfer

3993 kBSize

1 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

demo.oncademy.de Open in urlscan Pro
80.190.64.127 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1308 kB
Transfer

3993 kB
Size

1
Cookies

8 HTTP transactions
2 data transactions