URL: https://collage-service.alltagshelden.online/
Submission: On March 22 via automatic, source certstream-suspicious

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 67.207.78.95, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is collage-service.alltagshelden.online.
TLS certificate: Issued by R3 on March 11th 2021. Valid for: 3 months.
This is the only time collage-service.alltagshelden.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 67.207.78.95 14061 (DIGITALOC...)
1 1 206.189.248.171 14061 (DIGITALOC...)
1 2600:9000:218... 16509 (AMAZON-02)
8 3

Domain Requested by
4 auth.alltagshelden.online collage-service.alltagshelden.online
3 collage-service.alltagshelden.online collage-service.alltagshelden.online
1 content.jwplatform.com collage-service.alltagshelden.online
1 cdn.equeo.de 1 redirects
8 4

This site contains no links.

Subject Issuer Validity Valid
alltagshelden.online R3 2021-03-11 - 2021-06-09 3 months
jwplayer.com Amazon 2021-01-29 - 2022-02-26 a year
auth.alltagshelden.online R3 2021-03-11 - 2021-06-09 3 months

This page contains 1 frames:

Primary Page: https://collage-service.alltagshelden.online/
Frame ID: 70847AF7FA03EC5134FF1A3267588BF6
Requests: 8 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

8 Requests
63 % HTTPS
33 % IPv6
3 Domains
4 Subdomains
3 IPs
2 Countries
1529 kB Transfer
2832 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://cdn.equeo.de/libraries/b84YGats.js HTTP 302
  • https://content.jwplatform.com/libraries/b84YGats.js

8 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
collage-service.alltagshelden.online/
505 B
500 B
Document
General
Full URL
https://collage-service.alltagshelden.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.207.78.95 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.19.8 /
Resource Hash
d639e35ed0b44751a75c42643194704942ea0728d01ab309eb6f31f9105aadeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
collage-service.alltagshelden.online
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx/1.19.8
date
Mon, 22 Mar 2021 08:57:08 GMT
content-type
text/html
last-modified
Fri, 19 Mar 2021 10:16:17 GMT
etag
W/"605479f1-1f9"
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
style.css
collage-service.alltagshelden.online/
18 KB
4 KB
Stylesheet
General
Full URL
https://collage-service.alltagshelden.online/style.css
Requested by
Host: collage-service.alltagshelden.online
URL: https://collage-service.alltagshelden.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.207.78.95 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.19.8 /
Resource Hash
21fd01d1e9a0f0e0bf9f110e4c8f4a67a43523052011e8491030c1f4b8596d2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://collage-service.alltagshelden.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 08:57:08 GMT
content-encoding
gzip
last-modified
Fri, 19 Mar 2021 10:16:17 GMT
server
nginx/1.19.8
etag
W/"605479f1-4774"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
b84YGats.js
content.jwplatform.com/libraries/
Redirect Chain
  • https://cdn.equeo.de/libraries/b84YGats.js
  • https://content.jwplatform.com/libraries/b84YGats.js
112 KB
37 KB
Script
General
Full URL
https://content.jwplatform.com/libraries/b84YGats.js
Requested by
Host: collage-service.alltagshelden.online
URL: https://collage-service.alltagshelden.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:f800:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
6656336497a2f3e7ed87454bd3dbfbfe37d7745be4db05753a5d7b61a55e9b00

Request headers

Referer
https://collage-service.alltagshelden.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 08:54:48 GMT
content-encoding
gzip
server
openresty
age
141
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=150, max-stale=180
x-amz-cf-pop
DUS51-C1
content-length
37138
via
1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
x-amz-cf-id
LM8D75-b6WLj0HwZmtyA9UWmsV9FnO5_g_oPz7EzbNmkz1EDzz8yZg==
expires
Mon, 22 Mar 2021 08:57:18 GMT

Redirect headers

location
https://content.jwplatform.com/libraries/b84YGats.js
date
Mon, 22 Mar 2021 08:57:09 GMT
server
nginx/1.19.7
content-length
145
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html
app20.js
collage-service.alltagshelden.online/
2 MB
1 MB
Script
General
Full URL
https://collage-service.alltagshelden.online/app20.js
Requested by
Host: collage-service.alltagshelden.online
URL: https://collage-service.alltagshelden.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.207.78.95 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.19.8 /
Resource Hash
a562c62ad5422bbbe665df8b5af50ea8d92a0d7de92b71e2da708a9f05c8f68b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://collage-service.alltagshelden.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Mar 2021 08:57:08 GMT
content-encoding
gzip
last-modified
Fri, 19 Mar 2021 10:16:17 GMT
server
nginx/1.19.8
etag
W/"605479f1-25d411"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
truncated
/
269 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a06449de547c508e6b7a606e192a499db601b63938906bfd922c0210d23a0144

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
12 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e7bd4627b5e8f15cc016d4ebd9e74d393b327e39743392d6250d88fa15715dd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
token
auth.alltagshelden.online/oauth/
113 B
418 B
XHR
General
Full URL
https://auth.alltagshelden.online/oauth/token
Requested by
Host: collage-service.alltagshelden.online
URL: https://collage-service.alltagshelden.online/app20.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.207.78.95 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.19.8 /
Resource Hash
aa15fd2b21803453fc8db6f14f6744372b0a6a7f0106525cf0ecd3428125fbf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://collage-service.alltagshelden.online/
X-Requested-With
XMLHttpRequest
Authorization
Basic ZXJnb2NpbmVtYV9jbGllbnQ6V2RHQ2dBVXI4S2dER2lVP3ZLaW1MWEpQUS1l
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary05EBQbXv93lFB42B

Response headers

pragma
no-cache
date
Mon, 22 Mar 2021 08:57:09 GMT
content-encoding
gzip
server
nginx/1.19.8
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://collage-service.alltagshelden.online
cache-control
no-store
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
x-application-context
application:production
token
auth.alltagshelden.online/oauth/
0
0
Preflight
General
Full URL
https://auth.alltagshelden.online/oauth/token
Protocol
H2
Server
67.207.78.95 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.19.8 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization,x-requested-with
Origin
https://collage-service.alltagshelden.online
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.19.8
date
Mon, 22 Mar 2021 08:57:09 GMT
content-length
0
access-control-allow-origin
https://collage-service.alltagshelden.online
vary
Origin
access-control-allow-methods
POST
access-control-allow-headers
authorization, x-requested-with
access-control-allow-credentials
true
access-control-max-age
1800
strict-transport-security
max-age=31536000; includeSubDomains
95b78780-8aec-11eb-8c96-a1fe7ad6fc8e
auth.alltagshelden.online/rest/api/v1/registerInstance/application/
60 B
324 B
XHR
General
Full URL
https://auth.alltagshelden.online/rest/api/v1/registerInstance/application/95b78780-8aec-11eb-8c96-a1fe7ad6fc8e
Requested by
Host: collage-service.alltagshelden.online
URL: https://collage-service.alltagshelden.online/app20.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.207.78.95 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.19.8 /
Resource Hash
61af687ac58342b13bbfa6670f81eb047f6ddbeccf194dc9ee7b28c0ea373565
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://collage-service.alltagshelden.online/
X-Requested-With
XMLHttpRequest
Authorization
Bearer 128f84a9-2d57-456d-a52c-6e29314c41dc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryDcwNH570gPWd8e2O

Response headers

date
Mon, 22 Mar 2021 08:57:10 GMT
server
nginx/1.19.8
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://collage-service.alltagshelden.online
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
x-application-context
application:production
95b78780-8aec-11eb-8c96-a1fe7ad6fc8e
auth.alltagshelden.online/rest/api/v1/registerInstance/application/
0
0
Preflight
General
Full URL
https://auth.alltagshelden.online/rest/api/v1/registerInstance/application/95b78780-8aec-11eb-8c96-a1fe7ad6fc8e
Protocol
H2
Server
67.207.78.95 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.19.8 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization,x-requested-with
Origin
https://collage-service.alltagshelden.online
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.19.8
date
Mon, 22 Mar 2021 08:57:09 GMT
content-length
0
access-control-allow-origin
https://collage-service.alltagshelden.online
vary
Origin
access-control-allow-methods
POST
access-control-allow-headers
authorization, x-requested-with
access-control-allow-credentials
true
access-control-max-age
1800
strict-transport-security
max-age=31536000; includeSubDomains

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • object| cookieStore
  • function| showDirectoryPicker
  • function| showOpenFilePicker
  • function| showSaveFilePicker
  • object| trustedTypes
  • boolean| crossOriginIsolated
  • object| jwDefaults
  • object| webpackJsonpjwplayer
  • function| jwplayer
  • function| setImmediate
  • function| clearImmediate
  • object| regeneratorRuntime
  • number| 2f1acc6c3a606b082e5eef5e54414ffb
  • object| _ablyjs_jsonp
  • function| JSONPTransport
  • object| ablyConnectivity

0 Cookies

24 Console Messages

Source Level URL
Text
console-api log URL: https://collage-service.alltagshelden.online/app20.js(Line 2)
Message:
checkCinema false
console-api log URL: https://collage-service.alltagshelden.online/app20.js(Line 2)
Message:
checkCinema2 false true 6 10 0 4
console-api log URL: https://collage-service.alltagshelden.online/app20.js(Line 2)
Message:
useEffect isAdmin false
console-api log URL: https://collage-service.alltagshelden.online/app20.js(Line 2)
Message:
cinema use effect 6 0 false
console-api log URL: https://collage-service.alltagshelden.online/app20.js(Line 2)
Message:
registerinstance init
console-api log URL: https://collage-service.alltagshelden.online/app20.js(Line 2)
Message:
RegisterInstanceHelper getInstanceId null
console-api log URL: https://collage-service.alltagshelden.online/app20.js(Line 2)
Message:
cant access db, getting local instance id null
console-api log URL: https://collage-service.alltagshelden.online/app20.js(Line 2)
Message:
register instance got from uuid 1 95b78780-8aec-11eb-8c96-a1fe7ad6fc8e
console-api log URL: https://collage-service.alltagshelden.online/app20.js(Line 2)
Message:
RegisterInstanceHelper setInstanceId 95b78780-8aec-11eb-8c96-a1fe7ad6fc8e
console-api log URL: https://collage-service.alltagshelden.online/app20.js(Line 2)
Message:
cant set instance to store in FN, setting it locally 95b78780-8aec-11eb-8c96-a1fe7ad6fc8e
console-api log URL: https://collage-service.alltagshelden.online/app20.js(Line 2)
Message:
RegisterInstanceHelper getAuth null
console-api log URL: https://collage-service.alltagshelden.online/app20.js(Line 2)
Message:
error getting auth from store null
console-api log URL: https://collage-service.alltagshelden.online/app20.js(Line 2)
Message:
RegisterInstanceHelper getInstanceId 95b78780-8aec-11eb-8c96-a1fe7ad6fc8e
console-api log URL: https://collage-service.alltagshelden.online/app20.js(Line 2)
Message:
cant access db, getting local instance id 95b78780-8aec-11eb-8c96-a1fe7ad6fc8e
console-api log URL: https://collage-service.alltagshelden.online/app20.js(Line 2)
Message:
authFromStore 2 null 95b78780-8aec-11eb-8c96-a1fe7ad6fc8e 95b78780-8aec-11eb-8c96-a1fe7ad6fc8e
console-api log URL: https://collage-service.alltagshelden.online/app20.js(Line 2)
Message:
pre auth init 3 95b78780-8aec-11eb-8c96-a1fe7ad6fc8e
console-api log URL: https://collage-service.alltagshelden.online/app20.js(Line 2)
Message:
RegisterInstanceHelper getAuth null
console-api log URL: https://collage-service.alltagshelden.online/app20.js(Line 2)
Message:
error getting auth from store null
console-api log URL: https://collage-service.alltagshelden.online/app20.js(Line 2)
Message:
initAuth1 95b78780-8aec-11eb-8c96-a1fe7ad6fc8e
console-api log URL: https://collage-service.alltagshelden.online/app20.js(Line 2)
Message:
_registerClient 95b78780-8aec-11eb-8c96-a1fe7ad6fc8e
console-api log URL: https://collage-service.alltagshelden.online/app20.js(Line 2)
Message:
online at start
console-api log URL: https://collage-service.alltagshelden.online/app20.js(Line 2)
Message:
initAuth2
console-api log URL: https://collage-service.alltagshelden.online/app20.js(Line 2)
Message:
initAuth3
console-api log URL: https://collage-service.alltagshelden.online/app20.js(Line 2)
Message:
RegisterInstanceHelper setAuth [object Object]

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains