oncademy.de Open in urlscan Pro
80.190.64.127 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://oncademy.de/
Effective URL:
https://oncademy.de/
Submission: On September 07 via api (September 7th 2023, 1:41:06 pm UTC) from US — Scanned from US

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 80.190.64.127, located in Germany and belongs to IPX-AS15598, DE. The main domain is oncademy.de.
TLS certificate: Issued by R3 on June 26th 2023. Valid for: 3 months.

This is the only time oncademy.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	80.190.64.127 80.190.64.127	15598 (IPX-AS15598) (IPX-AS15598)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
8	3

7 80.190.64.127 (Germany) 1 redirects

ASN15598 (IPX-AS15598, DE)

oncademy.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	oncademy.de 1 redirects oncademy.de	2 MB
2	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 956	97 B
8	2

	Domain	Requested by
7	oncademy.de	1 redirects oncademy.de
2	sessions.bugsnag.com	oncademy.de
8	2

This site contains no links.

Subject Issuer	Validity	Valid
*.oncademy.de R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.bugsnag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-04-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://oncademy.de/
Frame ID: 388B3B554CB81D6716699E8085BCAB7C
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Default Account (Standardaccount)

Page URL History Show full URLs

http://oncademy.de/ HTTP 301
https://oncademy.de/ Page URL

Detected technologies

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

/bugsnag.*\.js

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1732 kB
Transfer

4416 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://oncademy.de/ HTTP 301
https://oncademy.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
oncademy.de/
Redirect Chain

http://oncademy.de/
https://oncademy.de/

6 KB
4 KB

496ms
185ms

Document
text/html

80.190.64.127
IPX-AS15598

General

Check archive.org

Show headers Download Go to

Full URL

https://oncademy.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

80.190.64.127 , Germany, ASN15598 (IPX-AS15598, DE),

Reverse DNS

Software

Resource Hash

7a3518df9636fb45c0b83fbf898c4552edd7ee99bd84c5e6dd8bc4d53b3e5f26

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' .bugsnag.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.youtube.com https://s.ytimg.com https://player.vimeo.com; img-src 'self' data:; style-src 'self' 'unsafe-inline'; media-src blob:; frame-src 'self' https://www.youtube.com/ https://www.youtube-nocookie.com/ https://player.vimeo.com/ https://helpdesk.herdt.com/
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self'; connect-src 'self' *.bugsnag.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.youtube.com https://s.ytimg.com https://player.vimeo.com; img-src 'self' data:; style-src 'self' 'unsafe-inline'; media-src * blob:; frame-src 'self' https://www.youtube.com/ https://www.youtube-nocookie.com/ https://player.vimeo.com/ https://helpdesk.herdt.com/
content-type: text/html; charset=utf-8
date: Thu, 07 Sep 2023 13:40:56 GMT
etag: W/"7a3518df9636fb45c0b83fbf898c4552"
link: </assets/application-ad84cd5093f5dd1d11ff0c82b8f6f984448f0c7b4da1ec188f8471bef0affd92.css>; rel=preload; as=style; nopush
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 75191269-6e06-4aac-846c-2cbbdd36e900
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Thu, 07 Sep 2023 13:40:55 GMT
Location: https://oncademy.de/

GET
H2 200 application-ad84cd5093f5dd1d11ff0c82b8f6f984448f0c7b4da1ec188f8471bef0affd92.css
oncademy.de/assets/ 277 KB
42 KB 298ms
297ms Stylesheet
text/css 80.190.64.127
IPX-AS15598

General

Check archive.org

Show headers Download Go to

Full URL

https://oncademy.de/assets/application-ad84cd5093f5dd1d11ff0c82b8f6f984448f0c7b4da1ec188f8471bef0affd92.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

80.190.64.127 , Germany, ASN15598 (IPX-AS15598, DE),

Reverse DNS

Software

Resource Hash

66b03a0edbe67c2685c607464f1c19f0a827f9544c52e54a826cc5ccce1d953e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://oncademy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 13:40:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Dec 2022 11:24:32 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000, public
content-length: 43100
x-xss-protection: 1; mode=block
expires: Fri, 06 Sep 2024 13:40:56 GMT

GET
H2 200 application-964c53572fa5449c49be55e5312909d0f30a1a4260d545b174c1094c5389ddc6.js Show response
oncademy.de/assets/ 3 MB
1 MB 446ms
445ms Script
application/javascript 80.190.64.127
IPX-AS15598

General

Check archive.org

Show headers Download Go to

Full URL

https://oncademy.de/assets/application-964c53572fa5449c49be55e5312909d0f30a1a4260d545b174c1094c5389ddc6.js

Requested by

Host: oncademy.de
URL: https://oncademy.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

80.190.64.127 , Germany, ASN15598 (IPX-AS15598, DE),

Reverse DNS

Software

Resource Hash

c3ecc759cb4bb870fff5c40d1b58a246ae8d0ecbbfce36c90bfe1102b600e86c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://oncademy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 13:40:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Dec 2022 11:24:32 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
content-length: 1091631
x-xss-protection: 1; mode=block
expires: Fri, 06 Sep 2024 13:40:56 GMT

GET
H2 200 bugsnag-fbe45fb0b9480c45ea8a8ad95dd404fa80e08a97faa5dad7a3908162ca49fdba.js Show response
oncademy.de/assets/ 44 KB
14 KB 444ms
443ms Script
application/javascript 80.190.64.127
IPX-AS15598

General

Check archive.org

Show headers Download Go to

Full URL

https://oncademy.de/assets/bugsnag-fbe45fb0b9480c45ea8a8ad95dd404fa80e08a97faa5dad7a3908162ca49fdba.js

Requested by

Host: oncademy.de
URL: https://oncademy.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

80.190.64.127 , Germany, ASN15598 (IPX-AS15598, DE),

Reverse DNS

Software

Resource Hash

6312a5a07e380afb4afed6c90598ed38e3e3f62b1cbaaf8a2dbb858c83d6787c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://oncademy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 13:40:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Dec 2022 11:24:32 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
content-length: 14236
x-xss-protection: 1; mode=block
expires: Fri, 06 Sep 2024 13:40:56 GMT

GET
H2 200 medium_center-952d49e074422a623acf02eb4eacbbd8.png
oncademy.de/ci/accountstyle/1/brand_logo/ 5 KB
5 KB 444ms
444ms Image
image/png 80.190.64.127
IPX-AS15598

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oncademy.de/ci/accountstyle/1/brand_logo/medium_center-952d49e074422a623acf02eb4eacbbd8.png

Requested by

Host: oncademy.de
URL: https://oncademy.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

80.190.64.127 , Germany, ASN15598 (IPX-AS15598, DE),

Reverse DNS

Software

Resource Hash

60ad67a3c5a45ea270870f602129f648dff364679e8e3d5ff741f44adceadf30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://oncademy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 13:40:56 GMT
strict-transport-security: max-age=15768000
last-modified: Mon, 21 Nov 2022 14:32:37 GMT
content-length: 4730
content-type: image/png

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 886ca2959c549037334614e80d5f85baab47913d0a692346329cc9a590925e42

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 806 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 622fc5d3928bcb2c37c66e903079fa2d282402a670f184cb29f0935266a729a6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bg_landing-13ce2f78e0c813b3a794a7f280e10d18c81e410c5631b4d099f29d85c1a1c6ea.jpg
oncademy.de/assets/ 599 KB
600 KB 424ms
423ms Image
image/jpeg 80.190.64.127
IPX-AS15598

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oncademy.de/assets/bg_landing-13ce2f78e0c813b3a794a7f280e10d18c81e410c5631b4d099f29d85c1a1c6ea.jpg

Requested by

Host: oncademy.de
URL: https://oncademy.de/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

80.190.64.127 , Germany, ASN15598 (IPX-AS15598, DE),

Reverse DNS

Software

Resource Hash

0690eda259c7a2f3a1fbab90a53e2fbd3b04d8e96237688de5483751d6c8a9ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://oncademy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 13:40:56 GMT
x-content-type-options: nosniff
last-modified: Tue, 20 Dec 2022 11:24:32 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 612991
x-xss-protection: 1; mode=block
expires: Fri, 06 Sep 2024 13:40:56 GMT

OPTIONS
H2 200 /
sessions.bugsnag.com/ 0
0 180ms
100ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://oncademy.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 07 Sep 2023 13:40:58 GMT
via: 1.1 google

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
97 B 102ms
101ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: oncademy.de
URL: https://oncademy.de/assets/bugsnag-fbe45fb0b9480c45ea8a8ad95dd404fa80e08a97faa5dad7a3908162ca49fdba.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://oncademy.de/
Bugsnag-Sent-At: 2023-09-07T13:40:58.077Z
accept-language: en-US,en;q=0.9
Bugsnag-Api-Key: 2df5846c3a69f02bf5c0ee6269389c96
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 07 Sep 2023 13:40:58 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			oncademy.de/	1970-01-20 14:34:55	Name: _tbs_session Value: f3c995866e49b2fea2bcdc66e68ba08a

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' .bugsnag.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.youtube.com https://s.ytimg.com https://player.vimeo.com; img-src 'self' data:; style-src 'self' 'unsafe-inline'; media-src blob:; frame-src 'self' https://www.youtube.com/ https://www.youtube-nocookie.com/ https://player.vimeo.com/ https://helpdesk.herdt.com/
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

oncademy.de
sessions.bugsnag.com
2600:1901:0:7a0b::
80.190.64.127
0690eda259c7a2f3a1fbab90a53e2fbd3b04d8e96237688de5483751d6c8a9ae
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
60ad67a3c5a45ea270870f602129f648dff364679e8e3d5ff741f44adceadf30
622fc5d3928bcb2c37c66e903079fa2d282402a670f184cb29f0935266a729a6
6312a5a07e380afb4afed6c90598ed38e3e3f62b1cbaaf8a2dbb858c83d6787c
66b03a0edbe67c2685c607464f1c19f0a827f9544c52e54a826cc5ccce1d953e
7a3518df9636fb45c0b83fbf898c4552edd7ee99bd84c5e6dd8bc4d53b3e5f26
886ca2959c549037334614e80d5f85baab47913d0a692346329cc9a590925e42
c3ecc759cb4bb870fff5c40d1b58a246ae8d0ecbbfce36c90bfe1102b600e86c

oncademy.de Open in urlscan Pro 80.190.64.127 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

1732 kBTransfer

4416 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

oncademy.de Open in urlscan Pro
80.190.64.127 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1732 kB
Transfer

4416 kB
Size

1
Cookies

8 HTTP transactions
2 data transactions