Submitted URL: https://seminare.kindersicherheit.de/
Effective URL: https://v1.ampstream.io/login
Submission: On July 04 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 7 HTTP transactions. The main IP is 78.46.234.156, located in Germany and belongs to HETZNER-AS, DE. The main domain is v1.ampstream.io.
TLS certificate: Issued by R3 on May 29th 2022. Valid for: 3 months.
This is the only time v1.ampstream.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 9 78.46.234.156 24940 (HETZNER-AS)
7 1
Apex Domain, Subdomains, Transfer
8 ampstream.io, v1.ampstream.io, 484 KB
1 kindersicherheit.de, seminare.kindersicherheit.de, 916 B
7 2
Domain Requested by
8 v1.ampstream.io 1 redirects v1.ampstream.io
1 seminare.kindersicherheit.de 1 redirects
7 2

This site contains links to these domains.

Domain
www.kindersicherheit.de
www.facebook.com

Subject: *.ampstream.io
Issuer: R3
Validity: 2022-05-29 - 2022-08-27
Valid: 3 months

This page contains 1 frames:

Primary Page: https://v1.ampstream.io/login
Frame ID: 9EE123B6A4E525A1F29C602CAFA7A7B3
Requests: 7 HTTP requests in this frame

Page Title

BAG Mehr Sicherheit für Kinder e.V.

Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 1
Countries: 1
Transfer: 483 kB
Size: 1385 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://seminare.kindersicherheit.de/ HTTP 302
    https://v1.ampstream.io/admin HTTP 302
    https://v1.ampstream.io/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource: login (Primary Request)
Path: v1.ampstream.io/
Redirect Chain:
  • https://seminare.kindersicherheit.de/
  • https://v1.ampstream.io/admin
  • https://v1.ampstream.io/login
Size: 5 KB
x-fer: 3 KB
Type: Document

General
Full URL: https://v1.ampstream.io/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.234.156, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: static.156.234.46.78.clients.your-server.de
Software: nginx /
Resource Hash: e14031d1667dfcaadf31941a7bbfc8c5377a7c0b76ed24a83e47f8855715363e

Security Headers
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 09:01:45 GMT
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 09:01:45 GMT
location: https://v1.ampstream.io/login
server: nginx
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Resource: app.js
Path: v1.ampstream.io/js/
Size: 838 KB
x-fer: 259 KB
Type: Script

General
Full URL: https://v1.ampstream.io/js/app.js?id=c4885c16fe7e7539ccb4
Requested by: Host: v1.ampstream.io, URL: https://v1.ampstream.io/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.234.156, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: static.156.234.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 4c873a17e6010fd52ff7c85d7d89c964619d92f6fd7cf3d29360c426da95179a

Security Headers
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://v1.ampstream.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
date: Mon, 04 Jul 2022 09:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jun 2022 13:10:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"62b5b7d2-d1906"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block

Resource: app.css
Path: v1.ampstream.io/fonts/
Size: 6 KB
x-fer: 777 B
Type: Stylesheet

General
Full URL: https://v1.ampstream.io/fonts/app.css
Requested by: Host: v1.ampstream.io, URL: https://v1.ampstream.io/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.234.156, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: static.156.234.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 348cdded75da4e5e66ce37c865244ef4a94315b6278f0c1978d305e616717915

Security Headers
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://v1.ampstream.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
date: Mon, 04 Jul 2022 09:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 22 Oct 2021 21:23:59 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"61732bef-161b"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block

Resource: app.css
Path: v1.ampstream.io/css/
Size: 191 KB
x-fer: 37 KB
Type: Stylesheet

General
Full URL: https://v1.ampstream.io/css/app.css?id=6aa508dcb2764228965b
Requested by: Host: v1.ampstream.io, URL: https://v1.ampstream.io/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.234.156, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: static.156.234.46.78.clients.your-server.de
Software: nginx /
Resource Hash: cddd813f89d1e8b8f1a3ae1469eaf2e4475609b6fa8031bcbccaf8097d44542b

Security Headers
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://v1.ampstream.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
date: Mon, 04 Jul 2022 09:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 28 Jun 2022 13:17:30 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"62baff6a-2fa8c"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block

Resource: I2tmsIUnWAMJjxykrnFFxRWmA2d0ufiKtbZKJ2mw.png
Path: v1.ampstream.io/storage/files/
Size: 19 KB
x-fer: 19 KB
Type: Image

General
Full URL: https://v1.ampstream.io/storage/files/I2tmsIUnWAMJjxykrnFFxRWmA2d0ufiKtbZKJ2mw.png
Requested by: Host: v1.ampstream.io, URL: https://v1.ampstream.io/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.234.156, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: static.156.234.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 170f7ceda64d4920a53040ba83e5a1d3d87d807f8d6ece85f712af52bb886c27

Security Headers
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://v1.ampstream.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
date: Mon, 04 Jul 2022 09:01:45 GMT
x-content-type-options: nosniff
last-modified: Mon, 27 Jun 2022 09:00:45 GMT
server: nginx
etag: "62b971bd-4cc9"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 19657
x-xss-protection: 1; mode=block

Resource: ozH5P0PdDtOgYHfsf6NIkNFSAHSO4kixgwO27g1A.jpg
Path: v1.ampstream.io/storage/files/
Size: 163 KB
x-fer: 164 KB
Type: Image

General
Full URL: https://v1.ampstream.io/storage/files/ozH5P0PdDtOgYHfsf6NIkNFSAHSO4kixgwO27g1A.jpg
Requested by: Host: v1.ampstream.io, URL: https://v1.ampstream.io/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.234.156, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: static.156.234.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 02bba92a815db5152ece562938bcb7e972305c3e191333c096fe80b8a84e6813

Security Headers
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://v1.ampstream.io/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
date: Mon, 04 Jul 2022 09:01:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 30 Jun 2022 08:48:58 GMT
server: nginx
etag: "62bd637a-28da0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
content-length: 167328
x-xss-protection: 1; mode=block

Resource: ozH5P0PdDtOgYHfsf6NIkNFSAHSO4kixgwO27g1A.jpg
Path: v1.ampstream.io/storage/files/
Size: 163 KB
x-fer: 0
Type: Image

General
Full URL: http://v1.ampstream.io/storage/files/ozH5P0PdDtOgYHfsf6NIkNFSAHSO4kixgwO27g1A.jpg
Requested by: Host: v1.ampstream.io, URL: https://v1.ampstream.io/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.234.156, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: static.156.234.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 02bba92a815db5152ece562938bcb7e972305c3e191333c096fe80b8a84e6813

Security Headers
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block

Request headers
Referer:

Response headers
date: Mon, 04 Jul 2022 09:01:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 30 Jun 2022 08:48:58 GMT
server: nginx
etag: "62bd637a-28da0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
content-length: 167328
x-xss-protection: 1; mode=block

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
object| config
string| EchoPrefix
function| axios
function| _
function| Pusher
object| Echo
object| regeneratorRuntime
object| __core-js_shared__
object| core
function| setImmediate
function| clearImmediate
boolean| _babelPolyfill

4 Cookies

Domain/Path Name / Value
seminare.kindersicherheit.de/ Name: XSRF-TOKEN
seminare.kindersicherheit.de/ Name: ampstream_webinar_session
v1.ampstream.io/ Name: XSRF-TOKEN
v1.ampstream.io/ Name: ampstream_webinar_session

1 Console Messages

Source: security
Level: warning
URL: https://v1.ampstream.io/login (Line 174)
Message: Mixed Content: The page at 'https://v1.ampstream.io/login' was loaded over HTTPS, but requested an insecure element 'http://v1.ampstream.io/storage/files/ozH5P0PdDtOgYHfsf6NIkNFSAHSO4kixgwO27g1A.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block