www.klinikum.uni-heidelberg.de Open in urlscan Pro
138.68.125.98 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hunter-heidelberg.com/
Effective URL:
https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/die-hunter-gruppe/
Submission: On March 07 via api (March 7th 2022, 1:27:55 pm UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 4 domains to perform 15 HTTP transactions. The main IP is 138.68.125.98, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is www.klinikum.uni-heidelberg.de.
TLS certificate: Issued by R3 on March 2nd 2022. Valid for: 3 months.

This is the only time www.klinikum.uni-heidelberg.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	178.20.100.105 178.20.100.105	45012 (CLOUDPIT) (CLOUDPIT)
2 14	138.68.125.98 138.68.125.98	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
15	3

1 178.20.100.105 (Germany) 1 redirects

ASN45012 (CLOUDPIT, DE)
PTR: moodymind.de

hunter-heidelberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 138.68.125.98 (Frankfurt am Main, Germany) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.klinikum.uni-heidelberg.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	uni-heidelberg.de 2 redirects www.klinikum.uni-heidelberg.de	883 KB
2	gstatic.com fonts.gstatic.com	26 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	hunter-heidelberg.com 1 redirects hunter-heidelberg.com	276 B
15	4

	Domain	Requested by
14	www.klinikum.uni-heidelberg.de	2 redirects www.klinikum.uni-heidelberg.de
2	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.klinikum.uni-heidelberg.de
1	hunter-heidelberg.com	1 redirects
15	4

This site contains links to these domains. Also see Links.

Domain
www.iktz-hd.de
www.heidelberg-university-hospital.com
www.uni-heidelberg.de
www.heidelberg.de
intranet.krz.uni-heidelberg.de
www.facebook.com
instagram.com
twitter.com
www.youtube.com
www.linkedin.com
www.sgalinski.de

Subject Issuer	Validity	Valid
www.klinikum.uni-heidelberg.de R3	`2022-03-02` - `2022-05-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/die-hunter-gruppe/
Frame ID: 32DBED5A0A2BF3FD85DDA95062512495
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Universitätsklinikum Heidelberg: 404 Fehlerseite

Page URL History Show full URLs

http://hunter-heidelberg.com/ HTTP 301
https://www.klinikum.uni-heidelberg.de/Tagung-2017.141265.0.html HTTP 301
https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/alte-seiten/tagung-2017 HTTP 301
https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/die-hunter-gruppe/ Page URL

Detected technologies

TYPO3 CMS (CMS) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+ href="/?typo3(?:conf|temp)/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

910 kB
Transfer

1734 kB
Size

0
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.iktz-hd.de/home/
Title: Blut Spende

Search URL Search Domain Scan URL

URL: https://www.heidelberg-university-hospital.com/
Title: english

Search URL Search Domain Scan URL

URL: https://www.heidelberg-university-hospital.com/ru/
Title: русский

Search URL Search Domain Scan URL

URL: https://www.heidelberg-university-hospital.com/de/
Title: deutsch

Search URL Search Domain Scan URL

URL: https://www.uni-heidelberg.de/
Title: Universität Heidelberg

Search URL Search Domain Scan URL

URL: http://www.heidelberg.de/
Title: Stadt Heidelberg

Search URL Search Domain Scan URL

URL: http://intranet.krz.uni-heidelberg.de/
Title: Intranet Universitätsklinikum

Search URL Search Domain Scan URL

URL: https://www.facebook.com/uniklinikumheidelberg/

Search URL Search Domain Scan URL

URL: https://instagram.com/ukhd_heartbeat

Search URL Search Domain Scan URL

URL: https://twitter.com/uniklinik_hd

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCSqsbs_7-Q2FL3E0dR_09Mg

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/universit%C3%A4tsklinikum-heidelberg-ukhd

Search URL Search Domain Scan URL

URL: https://www.sgalinski.de/typo3-produkte-webentwicklung/sgalinski-cookie-optin/
Title: Powered bysgalinski Cookie Opt In

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hunter-heidelberg.com/ HTTP 301
https://www.klinikum.uni-heidelberg.de/Tagung-2017.141265.0.html HTTP 301
https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/alte-seiten/tagung-2017 HTTP 301
https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/die-hunter-gruppe/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request / Show response
www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/die-hunter-gruppe/
Redirect Chain

http://hunter-heidelberg.com/
https://www.klinikum.uni-heidelberg.de/Tagung-2017.141265.0.html
https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/alte-seiten/tagung-2017
https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/die-hunter-gruppe/

41 KB
9 KB

154ms
154ms

Document
text/html

138.68.125.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/die-hunter-gruppe/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.68.125.98 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: b8ed809d70bca28b80197bf446233f4cbc0dd7dc35e84f96d4e5ba944dd49461

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Mon, 07 Mar 2022 13:27:50 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

server: nginx
date: Mon, 07 Mar 2022 13:27:50 GMT
content-type: text/html; charset=UTF-8
x-redirect-by: TYPO3 Redirect 9
location: /sonstige-seiten/hunter-group/die-hunter-gruppe/
strict-transport-security: max-age=63072000
x-content-type-options: nosniff

GET
H2 200 Main_ukhd.css
www.klinikum.uni-heidelberg.de/typo3conf/ext/site_ukhd/Resources/Public/Css/ 389 KB
46 KB 14ms
13ms Stylesheet
text/css 138.68.125.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.klinikum.uni-heidelberg.de/typo3conf/ext/site_ukhd/Resources/Public/Css/Main_ukhd.css?1646648738

Requested by

Host: www.klinikum.uni-heidelberg.de
URL: https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/die-hunter-gruppe/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

138.68.125.98 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

b84955eaef9fbd704105cf05844651c3ae231c08dbb1585747e00f4ae230a732

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/die-hunter-gruppe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 13:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Mar 2022 10:25:38 GMT
server: nginx
etag: W/"6225dda2-61316"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=15552000
strict-transport-security: max-age=63072000
expires: Sat, 03 Sep 2022 13:27:50 GMT

GET
H2 200 common-vendor.js Show response
www.klinikum.uni-heidelberg.de/typo3conf/ext/site_ukhd/Resources/Public/JavaScript/ 376 KB
117 KB 32ms
31ms Script
application/javascript 138.68.125.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.klinikum.uni-heidelberg.de/typo3conf/ext/site_ukhd/Resources/Public/JavaScript/common-vendor.js?1646648761

Requested by

Host: www.klinikum.uni-heidelberg.de
URL: https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/die-hunter-gruppe/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

138.68.125.98 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

1fd858dc64bff1de60d0ea86bbcb5b85312cb16ecb02208e55114cd3caba3359

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/die-hunter-gruppe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 13:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Mar 2022 10:26:01 GMT
server: nginx
etag: W/"6225ddb9-5df8b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15552000
strict-transport-security: max-age=63072000
expires: Sat, 03 Sep 2022 13:27:50 GMT

GET
H2 200 main.js Show response
www.klinikum.uni-heidelberg.de/typo3conf/ext/site_ukhd/Resources/Public/JavaScript/ 44 KB
13 KB 9ms
9ms Script
application/javascript 138.68.125.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.klinikum.uni-heidelberg.de/typo3conf/ext/site_ukhd/Resources/Public/JavaScript/main.js?1646648761

Requested by

Host: www.klinikum.uni-heidelberg.de
URL: https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/die-hunter-gruppe/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

138.68.125.98 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

763f318d86fb0ff461a4648b09d17f62115c3175ee99411b682bb56bf5767243

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/die-hunter-gruppe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 13:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Mar 2022 10:26:01 GMT
server: nginx
etag: W/"6225ddb9-b1d1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15552000
strict-transport-security: max-age=63072000
expires: Sat, 03 Sep 2022 13:27:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 153ms
18ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700

Requested by

Host: www.klinikum.uni-heidelberg.de
URL: https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/die-hunter-gruppe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c8b5129b555d9581cf1ae5929654c4950e91a12d5a56022a205ad8dd0bd0cd33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klinikum.uni-heidelberg.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 11:48:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 07 Mar 2022 13:27:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Mar 2022 13:27:51 GMT

GET
H2 200 cookieOptin.css
www.klinikum.uni-heidelberg.de/fileadmin/sg_cookie_optin/siteroot-200400/ 9 KB
2 KB 31ms
31ms Stylesheet
text/css 138.68.125.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.klinikum.uni-heidelberg.de/fileadmin/sg_cookie_optin/siteroot-200400/cookieOptin.css?1626430719

Requested by

Host: www.klinikum.uni-heidelberg.de
URL: https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/die-hunter-gruppe/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

138.68.125.98 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

13d1134bedc86f67451038b289a50667b989ab8340b2cf44a7624efa046a2d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/die-hunter-gruppe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 13:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Jul 2021 10:18:39 GMT
server: nginx
etag: W/"60f15cff-2510"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=15552000
strict-transport-security: max-age=63072000
expires: Sat, 03 Sep 2022 13:27:50 GMT

GET
H2 200 cookieOptin.js Show response
www.klinikum.uni-heidelberg.de/fileadmin/sg_cookie_optin/siteroot-200400/ 12 KB
4 KB 31ms
31ms Script
application/javascript 138.68.125.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.klinikum.uni-heidelberg.de/fileadmin/sg_cookie_optin/siteroot-200400/cookieOptin.js

Requested by

Host: www.klinikum.uni-heidelberg.de
URL: https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/die-hunter-gruppe/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

138.68.125.98 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

0a14ec33243cbdb792e9b46f9ef1172c39a716de02050ff0cf5508484e2a3bc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/die-hunter-gruppe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 13:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Jul 2021 10:18:40 GMT
server: nginx
etag: W/"60f15d00-2fb5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15552000
strict-transport-security: max-age=63072000
expires: Sat, 03 Sep 2022 13:27:50 GMT

GET
H2 200 Logo_ukhd_de.svg
www.klinikum.uni-heidelberg.de/typo3conf/ext/site_ukhd/Resources/Public/Images/ 205 KB
72 KB 15ms
15ms Image
image/svg+xml 138.68.125.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.klinikum.uni-heidelberg.de/typo3conf/ext/site_ukhd/Resources/Public/Images/Logo_ukhd_de.svg

Requested by

Host: www.klinikum.uni-heidelberg.de
URL: https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/die-hunter-gruppe/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

138.68.125.98 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

424cfb145c8db5ea6039be5e1a4496247f5155c9ba983778f4eb6b680836a794

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/die-hunter-gruppe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 13:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Mar 2022 09:52:42 GMT
server: nginx
etag: W/"6225d5ea-33355"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=15552000
strict-transport-security: max-age=63072000
expires: Sat, 03 Sep 2022 13:27:51 GMT

GET
H2 200 Logo_Akronym_UKHD_schmal.svg
www.klinikum.uni-heidelberg.de/typo3conf/ext/site_ukhd/Resources/Public/Images/ 5 KB
2 KB 7ms
6ms Image
image/svg+xml 138.68.125.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.klinikum.uni-heidelberg.de/typo3conf/ext/site_ukhd/Resources/Public/Images/Logo_Akronym_UKHD_schmal.svg

Requested by

Host: www.klinikum.uni-heidelberg.de
URL: https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/die-hunter-gruppe/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

138.68.125.98 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

94ba3c01b8417bf6f2ef8c85eb24c04f1960fc093a5c7c5a6a379bb9b34a47ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/die-hunter-gruppe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 13:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Mar 2022 09:52:42 GMT
server: nginx
etag: W/"6225d5ea-14cd"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=15552000
strict-transport-security: max-age=63072000
expires: Sat, 03 Sep 2022 13:27:51 GMT

GET
H2 200 UKHD.ttf
www.klinikum.uni-heidelberg.de/typo3conf/ext/site_ukhd/Resources/Public/Fonts/ 165 KB
166 KB 9ms
9ms Font
application/octet-stream 138.68.125.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.klinikum.uni-heidelberg.de/typo3conf/ext/site_ukhd/Resources/Public/Fonts/UKHD.ttf?rtuvgc

Requested by

Host: www.klinikum.uni-heidelberg.de
URL: https://www.klinikum.uni-heidelberg.de/typo3conf/ext/site_ukhd/Resources/Public/Css/Main_ukhd.css?1646648738

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

138.68.125.98 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

7ecddf20d75b8e9499e4673c1d8cc780176970ac54c7a498f55816cf1ec21026

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.klinikum.uni-heidelberg.de/typo3conf/ext/site_ukhd/Resources/Public/Css/Main_ukhd.css?1646648738
Origin: https://www.klinikum.uni-heidelberg.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 13:27:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 07 Mar 2022 09:52:42 GMT
server: nginx
etag: "6225d5ea-29504"
strict-transport-security: max-age=63072000
content-type: application/octet-stream
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 169220
expires: Sat, 03 Sep 2022 13:27:51 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ 13 KB
13 KB 32ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v19/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.klinikum.uni-heidelberg.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 18:02:06 GMT
x-content-type-options: nosniff
age: 415545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:39:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Mar 2023 18:02:06 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ 13 KB
13 KB 33ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v19/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.klinikum.uni-heidelberg.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 18:07:44 GMT
x-content-type-options: nosniff
age: 415207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12956
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:36:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Mar 2023 18:07:44 GMT

GET
H2 200 Background404.jpg
www.klinikum.uni-heidelberg.de/typo3conf/ext/site_ukhd/Resources/Public/Images/ 439 KB
437 KB 7ms
7ms Image
image/jpeg 138.68.125.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.klinikum.uni-heidelberg.de/typo3conf/ext/site_ukhd/Resources/Public/Images/Background404.jpg

Requested by

Host: www.klinikum.uni-heidelberg.de
URL: https://www.klinikum.uni-heidelberg.de/typo3conf/ext/site_ukhd/Resources/Public/Css/Main_ukhd.css?1646648738

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

138.68.125.98 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

2825378dd5cab0320779e7a9e0dde5e3980f32675cc32c47c7e71acc65ddb15a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klinikum.uni-heidelberg.de/typo3conf/ext/site_ukhd/Resources/Public/Css/Main_ukhd.css?1646648738
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 13:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Mar 2022 09:52:42 GMT
server: nginx
etag: W/"6225d5ea-6da38"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=15552000
strict-transport-security: max-age=63072000
expires: Sat, 03 Sep 2022 13:27:51 GMT

GET
H2 200 18.4209f8927b8dbbd8c2e0.js Show response
www.klinikum.uni-heidelberg.de/typo3conf/ext/site_ukhd/Resources/Public/JavaScript/ 900 B
741 B 12ms
12ms Script
application/javascript 138.68.125.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.klinikum.uni-heidelberg.de/typo3conf/ext/site_ukhd/Resources/Public/JavaScript/18.4209f8927b8dbbd8c2e0.js

Requested by

Host: www.klinikum.uni-heidelberg.de
URL: https://www.klinikum.uni-heidelberg.de/typo3conf/ext/site_ukhd/Resources/Public/JavaScript/main.js?1646648761

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

138.68.125.98 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3dcf235efcdaf5a44966495699e6140908312b472f54ec0ea34e77e655dba6a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/die-hunter-gruppe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 13:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Mar 2022 10:26:01 GMT
server: nginx
etag: W/"6225ddb9-384"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15552000
strict-transport-security: max-age=63072000
expires: Sat, 03 Sep 2022 13:27:51 GMT

GET
H2 200 Logo_footer.png
www.klinikum.uni-heidelberg.de/typo3conf/ext/site_ukhd/Resources/Public/Images/ 14 KB
14 KB 9ms
8ms Image
image/png 138.68.125.98
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.klinikum.uni-heidelberg.de/typo3conf/ext/site_ukhd/Resources/Public/Images/Logo_footer.png

Requested by

Host: www.klinikum.uni-heidelberg.de
URL: https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/die-hunter-gruppe/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

138.68.125.98 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

cbee84829e37c15ca8bd168ad152d295b8dc66bae510a38c5d541c40e6770a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/die-hunter-gruppe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 13:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Mar 2022 09:52:42 GMT
server: nginx
etag: W/"6225d5ea-389c"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=15552000
strict-transport-security: max-age=63072000
expires: Sat, 03 Sep 2022 13:27:51 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.klinikum.uni-heidelberg.de/sonstige-seiten/hunter-group/die-hunter-gruppe/ Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
hunter-heidelberg.com
www.klinikum.uni-heidelberg.de
138.68.125.98
178.20.100.105
2a00:1450:4001:813::2003
2a00:1450:4001:82b::200a
0a14ec33243cbdb792e9b46f9ef1172c39a716de02050ff0cf5508484e2a3bc6
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
13d1134bedc86f67451038b289a50667b989ab8340b2cf44a7624efa046a2d57
1fd858dc64bff1de60d0ea86bbcb5b85312cb16ecb02208e55114cd3caba3359
2825378dd5cab0320779e7a9e0dde5e3980f32675cc32c47c7e71acc65ddb15a
3dcf235efcdaf5a44966495699e6140908312b472f54ec0ea34e77e655dba6a1
424cfb145c8db5ea6039be5e1a4496247f5155c9ba983778f4eb6b680836a794
763f318d86fb0ff461a4648b09d17f62115c3175ee99411b682bb56bf5767243
7ecddf20d75b8e9499e4673c1d8cc780176970ac54c7a498f55816cf1ec21026
94ba3c01b8417bf6f2ef8c85eb24c04f1960fc093a5c7c5a6a379bb9b34a47ff
b84955eaef9fbd704105cf05844651c3ae231c08dbb1585747e00f4ae230a732
b8ed809d70bca28b80197bf446233f4cbc0dd7dc35e84f96d4e5ba944dd49461
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c8b5129b555d9581cf1ae5929654c4950e91a12d5a56022a205ad8dd0bd0cd33
cbee84829e37c15ca8bd168ad152d295b8dc66bae510a38c5d541c40e6770a31

www.klinikum.uni-heidelberg.de Open in urlscan Pro 138.68.125.98 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

3 IPs

1 Countries

910 kBTransfer

1734 kBSize

0 Cookies

13 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

www.klinikum.uni-heidelberg.de Open in urlscan Pro
138.68.125.98 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

910 kB
Transfer

1734 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions