dsf.ue-germany.de - urlscan.io

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 6 HTTP transactions. The main IP is 20.113.192.72, located in Berlin, Germany and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is dsf.ue-germany.de.
TLS certificate: Issued by Thawte TLS RSA CA G1 on November 28th 2023. Valid for: a year.

This is the only time dsf.ue-germany.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
6	20.113.192.72 20.113.192.72		8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	1

6 20.113.192.72 (Berlin, Germany)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dsf.ue-germany.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onlinecampus.ue-germany.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	ue-germany.de dsf.ue-germany.de onlinecampus.ue-germany.de	214 KB
6	1

	Domain	Requested by
5	dsf.ue-germany.de	dsf.ue-germany.de
1	onlinecampus.ue-germany.de	dsf.ue-germany.de
6	2

This site contains no links.

Subject Issuer	Validity	Valid
*.ue-germany.de Thawte TLS RSA CA G1	`2023-11-28` - `2024-12-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://dsf.ue-germany.de/IdentityServer/Account/Login?ReturnUrl=/IdentityServer/connect/authorize/callback?client_id=IdentityServer_web
Frame ID: 7050265F712D18ECA988A56EE5F2AAA6
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CampusNet Login

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

214 kB
Transfer

206 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request Login Show response
dsf.ue-germany.de/IdentityServer/Account/ 5 KB
8 KB 135ms
36ms Document
text/html 20.113.192.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dsf.ue-germany.de/IdentityServer/Account/Login?ReturnUrl=/IdentityServer/connect/authorize/callback?client_id=IdentityServer_web

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

20.113.192.72 Berlin, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

055ca0f665b2334ac0b1a2587614fe25b984223cd584fcf26c3edc9b9f57f5ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' https://int.id.bund.de https://onlinecampus.ue-germany.de https://www.hs-nb.de; connect-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; manifest-src 'self'; worker-src 'self'; frame-ancestors 'self' https://onlinecampus.ue-germany.de; trusted-types dl angular angular#unsafe-bypass angular#bundler angular#unsafe-jit google#safe; require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN allow-from https://onlinecampus.ue-germany.de

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Accept-CH, Accept-Charset, Accept-Datetime, Accept-Encoding, Accept-Ext, Accept-Features, Accept-Language, Accept-Params, Accept-Ranges, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Methods, Access-Control-Allow-Origin, Access-Control-Expose-Headers, Access-Control-Max-Age, Access-Control-Request-Headers, Access-Control-Request-Method, Age, Allow, Alternates, Authentication-Info, Authorization, C-Ext, C-Man, C-Opt, C-PEP, C-PEP-Info, CONNECT, Cache-Control, Compliance, Connection, Content-Base, Content-Disposition, Content-Encoding, Content-ID, Content-Language, Content-Length, Content-Location, Content-MD5, Content-Range, Content-Script-Type, Content-Security-Policy, Content-Style-Type, Content-Transfer-Encoding, Content-Type, Content-Version, Cookie, Cost, DAV, DELETE, DNT, DPR, Date, Default-Style, Delta-Base, Depth, Derived-From, Destination, Differential-ID, Digest, ETag, Expect, Expires, Ext, From, GET, GetProfile, HEAD, HTTP-date, Host, IM, If, If-Match, If-Modified-Since, If-None-Match, If-Range, If-Unmodified-Since, Keep-Alive, Label, Last-Event-ID, Last-Modified, Link, Location, Lock-Token, MIME-Version, Man, Max-Forwards, Media-Range, Message-ID, Meter, Negotiate, Non-Compliance, odata-maxversion, odata-version, OPTION, OPTIONS, OWS, Opt, Optional, Ordering-Type, Origin, Overwrite, P3P, PEP, PICS-Label, POST, PUT, Pep-Info, Permanent, Position, Pragma, ProfileObject, Protocol, Protocol-Query, Protocol-Request, Proxy-Authenticate, Proxy-Authentication-Info, Proxy-Authorization, Proxy-Features, Proxy-Instruction, Public, RWS, Range, Referer, Refresh, Resolution-Hint, Resolver-Location, Retry-After, Safe, Sec-Websocket-Extensions, Sec-Websocket-Key, Sec-Websocket-Origin, Sec-Websocket-Protocol, Sec-Websocket-Version, Security-Scheme, Server, Set-Cookie, Set-Cookie2, SetProfile, Slug, SoapAction, Status, Status-URI, Strict-Transport-Security, SubOK, Subst, Surrogate-Capability, Surrogate-Control, TCN, TE, TRACE, Timeout, Title, Trailer, Transfer-Encoding, UA-Color, UA-Media, UA-Pixels, UA-Resolution, UA-Windowpixels, URI, Upgrade, User-Agent, Variant-Vary, Vary, Version, Via, Viewport-Width, WWW-Authenticate, Want-Digest, Warning, Width, X-Content-Duration, X-Content-Security-Policy, X-Content-Type-Options, X-CustomHeader, X-DNSPrefetch-Control, X-Forwarded-For, X-Forwarded-Port, X-Forwarded-Proto, X-Frame-Options, X-Modified, X-OTHER, X-PING, X-PINGOTHER, X-Powered-By, X-Requested-With, xx-dl-tenant, xx-bypass-sw
access-control-allow-methods: POST,GET,OPTIONS,PUT,DELETE,MERGE,PATCH
access-control-allow-origin: https://onlinecampus.ue-germany.de
cache-control: no-cache, no-store
content-security-policy: default-src 'none'; frame-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' https://int.id.bund.de https://onlinecampus.ue-germany.de https://www.hs-nb.de; connect-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; manifest-src 'self'; worker-src 'self'; frame-ancestors 'self' https://onlinecampus.ue-germany.de; trusted-types dl angular angular#unsafe-bypass angular#bundler angular#unsafe-jit google#safe; require-trusted-types-for 'script';
content-type: text/html; charset=utf-8
date: Fri, 15 Mar 2024 11:56:53 GMT
pragma: no-cache
request-context: appId=cid-v1:1357db97-4e75-4280-8b92-fb3d770ba520
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN allow-from https://onlinecampus.ue-germany.de

GET
H2 200 ActiveTheme
dsf.ue-germany.de/IdentityServer/Theming/ 169 KB
170 KB 28ms
28ms Stylesheet
text/css 20.113.192.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dsf.ue-germany.de/IdentityServer/Theming/ActiveTheme

Requested by

Host: dsf.ue-germany.de
URL: https://dsf.ue-germany.de/IdentityServer/Account/Login?ReturnUrl=/IdentityServer/connect/authorize/callback?client_id=IdentityServer_web

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

20.113.192.72 Berlin, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

be1a38f7966881cf48c4a16705982055a49b9af0241b7d35378dfceec8638fcc

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' https://int.id.bund.de https://onlinecampus.ue-germany.de https://www.hs-nb.de; connect-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; manifest-src 'self'; worker-src 'self'; frame-ancestors 'self' https://onlinecampus.ue-germany.de; trusted-types dl angular angular#unsafe-bypass angular#bundler angular#unsafe-jit google#safe; require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onlinecampus.ue-germany.de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dsf.ue-germany.de/IdentityServer/Account/Login?ReturnUrl=/IdentityServer/connect/authorize/callback?client_id=IdentityServer_web
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'none'; frame-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' https://int.id.bund.de https://onlinecampus.ue-germany.de https://www.hs-nb.de; connect-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; manifest-src 'self'; worker-src 'self'; frame-ancestors 'self' https://onlinecampus.ue-germany.de; trusted-types dl angular angular#unsafe-bypass angular#bundler angular#unsafe-jit google#safe; require-trusted-types-for 'script';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Fri, 15 Mar 2024 11:56:53 GMT
server: Microsoft-IIS/10.0
x-frame-options: allow-from https://onlinecampus.ue-germany.de
access-control-allow-methods: POST,GET,OPTIONS,PUT,DELETE,MERGE,PATCH
content-type: text/css
access-control-allow-origin: https://onlinecampus.ue-germany.de
access-control-allow-credentials: true
access-control-allow-headers: Accept, Accept-CH, Accept-Charset, Accept-Datetime, Accept-Encoding, Accept-Ext, Accept-Features, Accept-Language, Accept-Params, Accept-Ranges, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Methods, Access-Control-Allow-Origin, Access-Control-Expose-Headers, Access-Control-Max-Age, Access-Control-Request-Headers, Access-Control-Request-Method, Age, Allow, Alternates, Authentication-Info, Authorization, C-Ext, C-Man, C-Opt, C-PEP, C-PEP-Info, CONNECT, Cache-Control, Compliance, Connection, Content-Base, Content-Disposition, Content-Encoding, Content-ID, Content-Language, Content-Length, Content-Location, Content-MD5, Content-Range, Content-Script-Type, Content-Security-Policy, Content-Style-Type, Content-Transfer-Encoding, Content-Type, Content-Version, Cookie, Cost, DAV, DELETE, DNT, DPR, Date, Default-Style, Delta-Base, Depth, Derived-From, Destination, Differential-ID, Digest, ETag, Expect, Expires, Ext, From, GET, GetProfile, HEAD, HTTP-date, Host, IM, If, If-Match, If-Modified-Since, If-None-Match, If-Range, If-Unmodified-Since, Keep-Alive, Label, Last-Event-ID, Last-Modified, Link, Location, Lock-Token, MIME-Version, Man, Max-Forwards, Media-Range, Message-ID, Meter, Negotiate, Non-Compliance, odata-maxversion, odata-version, OPTION, OPTIONS, OWS, Opt, Optional, Ordering-Type, Origin, Overwrite, P3P, PEP, PICS-Label, POST, PUT, Pep-Info, Permanent, Position, Pragma, ProfileObject, Protocol, Protocol-Query, Protocol-Request, Proxy-Authenticate, Proxy-Authentication-Info, Proxy-Authorization, Proxy-Features, Proxy-Instruction, Public, RWS, Range, Referer, Refresh, Resolution-Hint, Resolver-Location, Retry-After, Safe, Sec-Websocket-Extensions, Sec-Websocket-Key, Sec-Websocket-Origin, Sec-Websocket-Protocol, Sec-Websocket-Version, Security-Scheme, Server, Set-Cookie, Set-Cookie2, SetProfile, Slug, SoapAction, Status, Status-URI, Strict-Transport-Security, SubOK, Subst, Surrogate-Capability, Surrogate-Control, TCN, TE, TRACE, Timeout, Title, Trailer, Transfer-Encoding, UA-Color, UA-Media, UA-Pixels, UA-Resolution, UA-Windowpixels, URI, Upgrade, User-Agent, Variant-Vary, Vary, Version, Via, Viewport-Width, WWW-Authenticate, Want-Digest, Warning, Width, X-Content-Duration, X-Content-Security-Policy, X-Content-Type-Options, X-CustomHeader, X-DNSPrefetch-Control, X-Forwarded-For, X-Forwarded-Port, X-Forwarded-Proto, X-Frame-Options, X-Modified, X-OTHER, X-PING, X-PINGOTHER, X-Powered-By, X-Requested-With, xx-dl-tenant, xx-bypass-sw
content-length: 173474
request-context: appId=cid-v1:1357db97-4e75-4280-8b92-fb3d770ba520

GET
H2 200 GetSystemImage
dsf.ue-germany.de/ImageService/ 4 KB
4 KB 98ms
97ms Image
image/svg+xml 20.113.192.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsf.ue-germany.de/ImageService/GetSystemImage?guid=Datenlotsen-Logo.svg&themeKey=Default&foregroundColor=%23FFFFFF&width=400&height=400

Requested by

Host: dsf.ue-germany.de
URL: https://dsf.ue-germany.de/IdentityServer/Account/Login?ReturnUrl=/IdentityServer/connect/authorize/callback?client_id=IdentityServer_web

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

20.113.192.72 Berlin, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c6444c01906d512ec70f362395c7ab0f452fb99d6666fb3d47e6858384111594

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' https://int.id.bund.de https://onlinecampus.ue-germany.de https://www.hs-nb.de; connect-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; manifest-src 'self'; worker-src 'self'; frame-ancestors 'self' https://onlinecampus.ue-germany.de; trusted-types dl angular angular#unsafe-bypass angular#bundler angular#unsafe-jit google#safe; require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onlinecampus.ue-germany.de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dsf.ue-germany.de/IdentityServer/Account/Login?ReturnUrl=/IdentityServer/connect/authorize/callback?client_id=IdentityServer_web
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: default-src 'none'; frame-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' https://int.id.bund.de https://onlinecampus.ue-germany.de https://www.hs-nb.de; connect-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; manifest-src 'self'; worker-src 'self'; frame-ancestors 'self' https://onlinecampus.ue-germany.de; trusted-types dl angular angular#unsafe-bypass angular#bundler angular#unsafe-jit google#safe; require-trusted-types-for 'script';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Fri, 15 Mar 2024 11:56:53 GMT
server: Microsoft-IIS/10.0
x-frame-options: allow-from https://onlinecampus.ue-germany.de
access-control-allow-methods: POST,GET,OPTIONS,PUT,DELETE,MERGE,PATCH
content-type: image/svg+xml
access-control-allow-origin: https://onlinecampus.ue-germany.de
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Accept, Accept-CH, Accept-Charset, Accept-Datetime, Accept-Encoding, Accept-Ext, Accept-Features, Accept-Language, Accept-Params, Accept-Ranges, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Methods, Access-Control-Allow-Origin, Access-Control-Expose-Headers, Access-Control-Max-Age, Access-Control-Request-Headers, Access-Control-Request-Method, Age, Allow, Alternates, Authentication-Info, Authorization, C-Ext, C-Man, C-Opt, C-PEP, C-PEP-Info, CONNECT, Cache-Control, Compliance, Connection, Content-Base, Content-Disposition, Content-Encoding, Content-ID, Content-Language, Content-Length, Content-Location, Content-MD5, Content-Range, Content-Script-Type, Content-Security-Policy, Content-Style-Type, Content-Transfer-Encoding, Content-Type, Content-Version, Cookie, Cost, DAV, DELETE, DNT, DPR, Date, Default-Style, Delta-Base, Depth, Derived-From, Destination, Differential-ID, Digest, ETag, Expect, Expires, Ext, From, GET, GetProfile, HEAD, HTTP-date, Host, IM, If, If-Match, If-Modified-Since, If-None-Match, If-Range, If-Unmodified-Since, Keep-Alive, Label, Last-Event-ID, Last-Modified, Link, Location, Lock-Token, MIME-Version, Man, Max-Forwards, Media-Range, Message-ID, Meter, Negotiate, Non-Compliance, odata-maxversion, odata-version, OPTION, OPTIONS, OWS, Opt, Optional, Ordering-Type, Origin, Overwrite, P3P, PEP, PICS-Label, POST, PUT, Pep-Info, Permanent, Position, Pragma, ProfileObject, Protocol, Protocol-Query, Protocol-Request, Proxy-Authenticate, Proxy-Authentication-Info, Proxy-Authorization, Proxy-Features, Proxy-Instruction, Public, RWS, Range, Referer, Refresh, Resolution-Hint, Resolver-Location, Retry-After, Safe, Sec-Websocket-Extensions, Sec-Websocket-Key, Sec-Websocket-Origin, Sec-Websocket-Protocol, Sec-Websocket-Version, Security-Scheme, Server, Set-Cookie, Set-Cookie2, SetProfile, Slug, SoapAction, Status, Status-URI, Strict-Transport-Security, SubOK, Subst, Surrogate-Capability, Surrogate-Control, TCN, TE, TRACE, Timeout, Title, Trailer, Transfer-Encoding, UA-Color, UA-Media, UA-Pixels, UA-Resolution, UA-Windowpixels, URI, Upgrade, User-Agent, Variant-Vary, Vary, Version, Via, Viewport-Width, WWW-Authenticate, Want-Digest, Warning, Width, X-Content-Duration, X-Content-Security-Policy, X-Content-Type-Options, X-CustomHeader, X-DNSPrefetch-Control, X-Forwarded-For, X-Forwarded-Port, X-Forwarded-Proto, X-Frame-Options, X-Modified, X-OTHER, X-PING, X-PINGOTHER, X-Powered-By, X-Requested-With, xx-dl-tenant, xx-bypass-sw
content-length: 4429
expires: -1

GET
H2 200 GetSystemImage
dsf.ue-germany.de/ImageService/ 2 KB
4 KB 51ms
51ms Image
image/svg+xml 20.113.192.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dsf.ue-germany.de/ImageService/GetSystemImage?guid=ActivityIndicator.svg&themeKey=Default&foregroundColor=%232251A3&width=250&height=250

Requested by

Host: dsf.ue-germany.de
URL: https://dsf.ue-germany.de/IdentityServer/Account/Login?ReturnUrl=/IdentityServer/connect/authorize/callback?client_id=IdentityServer_web

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

20.113.192.72 Berlin, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

45f45bacad77f6fb9504633f9d070ad35162c7348abeda1dcf8d30177829fb0e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' https://int.id.bund.de https://onlinecampus.ue-germany.de https://www.hs-nb.de; connect-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; manifest-src 'self'; worker-src 'self'; frame-ancestors 'self' https://onlinecampus.ue-germany.de; trusted-types dl angular angular#unsafe-bypass angular#bundler angular#unsafe-jit google#safe; require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onlinecampus.ue-germany.de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dsf.ue-germany.de/IdentityServer/Account/Login?ReturnUrl=/IdentityServer/connect/authorize/callback?client_id=IdentityServer_web
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: default-src 'none'; frame-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' https://int.id.bund.de https://onlinecampus.ue-germany.de https://www.hs-nb.de; connect-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; manifest-src 'self'; worker-src 'self'; frame-ancestors 'self' https://onlinecampus.ue-germany.de; trusted-types dl angular angular#unsafe-bypass angular#bundler angular#unsafe-jit google#safe; require-trusted-types-for 'script';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Fri, 15 Mar 2024 11:56:53 GMT
server: Microsoft-IIS/10.0
x-frame-options: allow-from https://onlinecampus.ue-germany.de
access-control-allow-methods: POST,GET,OPTIONS,PUT,DELETE,MERGE,PATCH
content-type: image/svg+xml
access-control-allow-origin: https://onlinecampus.ue-germany.de
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Accept, Accept-CH, Accept-Charset, Accept-Datetime, Accept-Encoding, Accept-Ext, Accept-Features, Accept-Language, Accept-Params, Accept-Ranges, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Methods, Access-Control-Allow-Origin, Access-Control-Expose-Headers, Access-Control-Max-Age, Access-Control-Request-Headers, Access-Control-Request-Method, Age, Allow, Alternates, Authentication-Info, Authorization, C-Ext, C-Man, C-Opt, C-PEP, C-PEP-Info, CONNECT, Cache-Control, Compliance, Connection, Content-Base, Content-Disposition, Content-Encoding, Content-ID, Content-Language, Content-Length, Content-Location, Content-MD5, Content-Range, Content-Script-Type, Content-Security-Policy, Content-Style-Type, Content-Transfer-Encoding, Content-Type, Content-Version, Cookie, Cost, DAV, DELETE, DNT, DPR, Date, Default-Style, Delta-Base, Depth, Derived-From, Destination, Differential-ID, Digest, ETag, Expect, Expires, Ext, From, GET, GetProfile, HEAD, HTTP-date, Host, IM, If, If-Match, If-Modified-Since, If-None-Match, If-Range, If-Unmodified-Since, Keep-Alive, Label, Last-Event-ID, Last-Modified, Link, Location, Lock-Token, MIME-Version, Man, Max-Forwards, Media-Range, Message-ID, Meter, Negotiate, Non-Compliance, odata-maxversion, odata-version, OPTION, OPTIONS, OWS, Opt, Optional, Ordering-Type, Origin, Overwrite, P3P, PEP, PICS-Label, POST, PUT, Pep-Info, Permanent, Position, Pragma, ProfileObject, Protocol, Protocol-Query, Protocol-Request, Proxy-Authenticate, Proxy-Authentication-Info, Proxy-Authorization, Proxy-Features, Proxy-Instruction, Public, RWS, Range, Referer, Refresh, Resolution-Hint, Resolver-Location, Retry-After, Safe, Sec-Websocket-Extensions, Sec-Websocket-Key, Sec-Websocket-Origin, Sec-Websocket-Protocol, Sec-Websocket-Version, Security-Scheme, Server, Set-Cookie, Set-Cookie2, SetProfile, Slug, SoapAction, Status, Status-URI, Strict-Transport-Security, SubOK, Subst, Surrogate-Capability, Surrogate-Control, TCN, TE, TRACE, Timeout, Title, Trailer, Transfer-Encoding, UA-Color, UA-Media, UA-Pixels, UA-Resolution, UA-Windowpixels, URI, Upgrade, User-Agent, Variant-Vary, Vary, Version, Via, Viewport-Width, WWW-Authenticate, Want-Digest, Warning, Width, X-Content-Duration, X-Content-Security-Policy, X-Content-Type-Options, X-CustomHeader, X-DNSPrefetch-Control, X-Forwarded-For, X-Forwarded-Port, X-Forwarded-Proto, X-Frame-Options, X-Modified, X-OTHER, X-PING, X-PINGOTHER, X-Powered-By, X-Requested-With, xx-dl-tenant, xx-bypass-sw
content-length: 1873
expires: -1

GET
H2 200 dropdown.js Show response
dsf.ue-germany.de/IdentityServer/js/ 900 B
4 KB 98ms
98ms Script
application/javascript 20.113.192.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dsf.ue-germany.de/IdentityServer/js/dropdown.js

Requested by

Host: dsf.ue-germany.de
URL: https://dsf.ue-germany.de/IdentityServer/Account/Login?ReturnUrl=/IdentityServer/connect/authorize/callback?client_id=IdentityServer_web

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

20.113.192.72 Berlin, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

2b307832b37952aecc02eb7c4dd3e23360efd9c7c65e52ac5eba5ce97fda278d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' https://int.id.bund.de https://onlinecampus.ue-germany.de https://www.hs-nb.de; connect-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; manifest-src 'self'; worker-src 'self'; frame-ancestors 'self' https://onlinecampus.ue-germany.de; trusted-types dl angular angular#unsafe-bypass angular#bundler angular#unsafe-jit google#safe; require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onlinecampus.ue-germany.de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dsf.ue-germany.de/IdentityServer/Account/Login?ReturnUrl=/IdentityServer/connect/authorize/callback?client_id=IdentityServer_web
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'none'; frame-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' https://int.id.bund.de https://onlinecampus.ue-germany.de https://www.hs-nb.de; connect-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; manifest-src 'self'; worker-src 'self'; frame-ancestors 'self' https://onlinecampus.ue-germany.de; trusted-types dl angular angular#unsafe-bypass angular#bundler angular#unsafe-jit google#safe; require-trusted-types-for 'script';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Fri, 15 Mar 2024 11:56:53 GMT
content-length: 900
request-context: appId=cid-v1:1357db97-4e75-4280-8b92-fb3d770ba520
last-modified: Wed, 13 Dec 2023 06:56:49 GMT
server: Microsoft-IIS/10.0
etag: "1da2d918b370d04"
x-frame-options: allow-from https://onlinecampus.ue-germany.de
access-control-allow-methods: POST,GET,OPTIONS,PUT,DELETE,MERGE,PATCH
content-type: application/javascript
access-control-allow-origin: https://onlinecampus.ue-germany.de
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Accept, Accept-CH, Accept-Charset, Accept-Datetime, Accept-Encoding, Accept-Ext, Accept-Features, Accept-Language, Accept-Params, Accept-Ranges, Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Methods, Access-Control-Allow-Origin, Access-Control-Expose-Headers, Access-Control-Max-Age, Access-Control-Request-Headers, Access-Control-Request-Method, Age, Allow, Alternates, Authentication-Info, Authorization, C-Ext, C-Man, C-Opt, C-PEP, C-PEP-Info, CONNECT, Cache-Control, Compliance, Connection, Content-Base, Content-Disposition, Content-Encoding, Content-ID, Content-Language, Content-Length, Content-Location, Content-MD5, Content-Range, Content-Script-Type, Content-Security-Policy, Content-Style-Type, Content-Transfer-Encoding, Content-Type, Content-Version, Cookie, Cost, DAV, DELETE, DNT, DPR, Date, Default-Style, Delta-Base, Depth, Derived-From, Destination, Differential-ID, Digest, ETag, Expect, Expires, Ext, From, GET, GetProfile, HEAD, HTTP-date, Host, IM, If, If-Match, If-Modified-Since, If-None-Match, If-Range, If-Unmodified-Since, Keep-Alive, Label, Last-Event-ID, Last-Modified, Link, Location, Lock-Token, MIME-Version, Man, Max-Forwards, Media-Range, Message-ID, Meter, Negotiate, Non-Compliance, odata-maxversion, odata-version, OPTION, OPTIONS, OWS, Opt, Optional, Ordering-Type, Origin, Overwrite, P3P, PEP, PICS-Label, POST, PUT, Pep-Info, Permanent, Position, Pragma, ProfileObject, Protocol, Protocol-Query, Protocol-Request, Proxy-Authenticate, Proxy-Authentication-Info, Proxy-Authorization, Proxy-Features, Proxy-Instruction, Public, RWS, Range, Referer, Refresh, Resolution-Hint, Resolver-Location, Retry-After, Safe, Sec-Websocket-Extensions, Sec-Websocket-Key, Sec-Websocket-Origin, Sec-Websocket-Protocol, Sec-Websocket-Version, Security-Scheme, Server, Set-Cookie, Set-Cookie2, SetProfile, Slug, SoapAction, Status, Status-URI, Strict-Transport-Security, SubOK, Subst, Surrogate-Capability, Surrogate-Control, TCN, TE, TRACE, Timeout, Title, Trailer, Transfer-Encoding, UA-Color, UA-Media, UA-Pixels, UA-Resolution, UA-Windowpixels, URI, Upgrade, User-Agent, Variant-Vary, Vary, Version, Via, Viewport-Width, WWW-Authenticate, Want-Digest, Warning, Width, X-Content-Duration, X-Content-Security-Policy, X-Content-Type-Options, X-CustomHeader, X-DNSPrefetch-Control, X-Forwarded-For, X-Forwarded-Port, X-Forwarded-Proto, X-Frame-Options, X-Modified, X-OTHER, X-PING, X-PINGOTHER, X-Powered-By, X-Requested-With, xx-dl-tenant, xx-bypass-sw

GET
H2 200 logo.png
onlinecampus.ue-germany.de/gfx/ue/ 24 KB
24 KB 34ms
26ms Image
image/png 20.113.192.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinecampus.ue-germany.de/gfx/ue/logo.png

Requested by

Host: dsf.ue-germany.de
URL: https://dsf.ue-germany.de/IdentityServer/Theming/ActiveTheme

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

20.113.192.72 Berlin, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

095f28986d240e0acd36b1c61ca616f548e0c90df0c67662e559a1a26f61f812

Security Headers

Name	Value
Content-Security-Policy	frame-src https://dsf.ue-germany.de; frame-ancestors 'self' https://dsf.ue-germany.de;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dsf.ue-germany.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-src https://dsf.ue-germany.de; frame-ancestors 'self' https://dsf.ue-germany.de;
referrer-policy: strict-origin
x-content-type-options: nosniff
last-modified: Thu, 14 Dec 2023 09:32:18 GMT
server: Microsoft-IIS/10.0
date: Fri, 15 Mar 2024 11:56:53 GMT
etag: "75f5d6e702eda1:0"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 24432
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			dsf.ue-germany.de/IdentityServer	1969-12-31 23:59:59	Name: Antiforgery.Datenlotsen.IdentityServer_ncPueDC7VOjFSNKwmGzXdaWpQ48xhM0 Value: CfDJ8JJ8E5eFgTVOhJlMQUKudqP_K67HE48Vc1ForNUiag4lOohRb9qVzqp9eMkOq5M6JTxio5BQrzQKh-4mu9kehnZ0ProVzGmNMcHD16H_M5dWWib-xuxuZIseDb9gqTVr0ISUErBJQnXpjfYaWlwpmDI

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; frame-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' https://int.id.bund.de https://onlinecampus.ue-germany.de https://www.hs-nb.de; connect-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; manifest-src 'self'; worker-src 'self'; frame-ancestors 'self' https://onlinecampus.ue-germany.de; trusted-types dl angular angular#unsafe-bypass angular#bundler angular#unsafe-jit google#safe; require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN allow-from https://onlinecampus.ue-germany.de

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dsf.ue-germany.de
onlinecampus.ue-germany.de
20.113.192.72
055ca0f665b2334ac0b1a2587614fe25b984223cd584fcf26c3edc9b9f57f5ca
095f28986d240e0acd36b1c61ca616f548e0c90df0c67662e559a1a26f61f812
2b307832b37952aecc02eb7c4dd3e23360efd9c7c65e52ac5eba5ce97fda278d
45f45bacad77f6fb9504633f9d070ad35162c7348abeda1dcf8d30177829fb0e
be1a38f7966881cf48c4a16705982055a49b9af0241b7d35378dfceec8638fcc
c6444c01906d512ec70f362395c7ab0f452fb99d6666fb3d47e6858384111594

dsf.ue-germany.de Open in urlscan Pro 20.113.192.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

6 Requests

100 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

1 IPs

1 Countries

214 kBTransfer

206 kBSize

1 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

dsf.ue-germany.de Open in urlscan Pro
20.113.192.72 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

214 kB
Transfer

206 kB
Size

1
Cookies

6 HTTP transactions
0 data transactions