![](/screenshots/bc8afe50-e2d9-45df-aea5-6d7bd3f1b518.png)
stage-evidenzstelle.sparkasse.de
Open in
urlscan Pro
18.184.109.129
Public Scan
Effective URL: https://stage-evidenzstelle.sparkasse.de/auth/login
Submission: On March 02 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by D-TRUST SSL Class 3 CA 1 EV 2009 on March 5th 2019. Valid for: a year.
This is the only time stage-evidenzstelle.sparkasse.de was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 14 | 18.184.109.129 18.184.109.129 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 78.46.220.242 78.46.220.242 | 24940 (HETZNER-AS) (HETZNER-AS) | |
1 | 192.229.233.55 192.229.233.55 | 15133 (EDGECAST) (EDGECAST) | |
2 | 2a00:1450:400... 2a00:1450:4001:821::200e | 15169 (GOOGLE) (GOOGLE) | |
17 | 5 |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-109-129.eu-central-1.compute.amazonaws.com
stage-evidenzstelle.sparkasse.de |
ASN24940 (HETZNER-AS, DE)
PTR: webfonts.sparkasse.de
webfonts.sparkasse.de |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
sparkasse.de
1 redirects
stage-evidenzstelle.sparkasse.de webfonts.sparkasse.de |
499 KB |
2 |
google-analytics.com
www.google-analytics.com |
18 KB |
1 |
tagcommander.com
cdn.tagcommander.com |
9 KB |
17 | 3 |
Domain | Requested by | |
---|---|---|
14 | stage-evidenzstelle.sparkasse.de |
1 redirects
stage-evidenzstelle.sparkasse.de
|
2 | www.google-analytics.com |
cdn.tagcommander.com
stage-evidenzstelle.sparkasse.de |
1 | cdn.tagcommander.com |
stage-evidenzstelle.sparkasse.de
|
1 | webfonts.sparkasse.de |
stage-evidenzstelle.sparkasse.de
|
17 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
extranet.sparkasse.de |
Subject Issuer | Validity | Valid | |
---|---|---|---|
evidenzstelle.sparkasse.de D-TRUST SSL Class 3 CA 1 EV 2009 |
2019-03-05 - 2020-03-08 |
a year | crt.sh |
webfonts.sparkasse.de D-TRUST SSL Class 3 CA 1 2009 |
2019-11-25 - 2020-11-28 |
a year | crt.sh |
cdn.tagcommander.com DigiCert SHA2 Secure Server CA |
2017-10-26 - 2020-04-12 |
2 years | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-02-12 - 2020-05-06 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://stage-evidenzstelle.sparkasse.de/auth/login
Frame ID: 268D1BF07C276CE03C4E05D5462AC4FA
Requests: 20 HTTP requests in this frame
Screenshot
![](/screenshots/bc8afe50-e2d9-45df-aea5-6d7bd3f1b518.png)
Page URL History Show full URLs
-
https://stage-evidenzstelle.sparkasse.de/
HTTP 302
https://stage-evidenzstelle.sparkasse.de/auth/login Page URL
Detected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- script /bootstrap[.-]([\d.]*\d)[^\/]*\.js/i
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Detected patterns
- script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /jquery-ui[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery-ui.*\.js/i
Detected patterns
- script /jquery-ui[.-]([\d.]*\d)[^\/]*\.js/i
- script /jquery-ui.*\.js/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: extranet.sparkasse.de
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://stage-evidenzstelle.sparkasse.de/
HTTP 302
https://stage-evidenzstelle.sparkasse.de/auth/login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
login
stage-evidenzstelle.sparkasse.de/auth/ Redirect Chain
|
8 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sparkasse_web.css
webfonts.sparkasse.de/ |
397 KB 300 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
stage-evidenzstelle.sparkasse.de/fonts/sfp-evidenzstelle-icons/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap-3.3.7.min.css
stage-evidenzstelle.sparkasse.de/css/ |
148 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui.min.css
stage-evidenzstelle.sparkasse.de/js/jquery-ui-1.10.4/themes/base/minified/ |
25 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
stage-evidenzstelle.sparkasse.de/css/front/ |
72 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.svg
stage-evidenzstelle.sparkasse.de/images/ |
5 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.11.1.min.js
stage-evidenzstelle.sparkasse.de/js/ |
94 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui-1.9.2.custom.min.js
stage-evidenzstelle.sparkasse.de/js/ |
232 KB 62 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.form-validator.js
stage-evidenzstelle.sparkasse.de/js/form-validator/ |
74 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.placeholder.min.js
stage-evidenzstelle.sparkasse.de/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.fileupload.js
stage-evidenzstelle.sparkasse.de/js/ |
61 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap-3.3.7.min.js
stage-evidenzstelle.sparkasse.de/js/ |
36 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tc_Evidenzstelle.js
cdn.tagcommander.com/2792/ |
29 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
41 KB 41 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
36 KB 36 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
31 KB 31 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sfp-evidenzstelle-icons.ttf
stage-evidenzstelle.sparkasse.de/fonts/sfp-evidenzstelle-icons/ |
9 KB 10 KB |
Font
application/font-sfnt |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
44 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/r/ |
35 B 111 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery function| DP_jQuery_1583149311073 object| jQuery111108795805325010924 string| instanceUrl string| sessionWarnStr object| tc_vars function| tc_events_18 function| tC object| result function| tC2792_18 string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.sparkasse.de/ | Name: _gat Value: 1 |
|
.sparkasse.de/ | Name: _gid Value: GA1.2.2044765318.1583149311 |
|
.sparkasse.de/ | Name: _ga Value: GA1.2.511442661.1583149311 |
|
.sparkasse.de/ | Name: TCPID Value: 120311241516483270332 |
|
.stage-evidenzstelle.sparkasse.de/ | Name: PHPSESSID Value: kac9tenvbgea224isde3flkikt |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.tagcommander.com www.google-analytics.com https://*.twitter.com http://*.twitter.com https://*.twimg.com http://*.twimg.com; style-src 'self' 'unsafe-inline' https://webfonts.sparkasse.de https://*.twitter.com http://*.twitter.com https://*.twimg.com http://*.twimg.com; font-src 'self' data: https://webfonts.sparkasse.de; child-src 'self' http://www.youtube.com https://www.youtube.com http://youtube.com https://youtube.com http://youtu.be https://youtu.be https://player.vimeo.com http://player.vimeo.com https://www.vimeo.com http://www.vimeo.com https://vimeo.com http://vimeo.com https://*.twitter.com http://*.twitter.com https://*.twimg.com http://*.twimg.com; frame-src 'self' http://www.youtube.com https://www.youtube.com http://youtube.com https://youtube.com http://youtu.be https://youtu.be https://player.vimeo.com http://player.vimeo.com https://www.vimeo.com http://www.vimeo.com https://vimeo.com http://vimeo.com https://twitter.com http://twitter.com https://*.twitter.com http://*.twitter.com https://*.twimg.com http://*.twimg.com https://sparkassen-mediacenter.de; img-src 'self' data: blob: www.google-analytics.com https://*.twitter.com http://*.twitter.com https://*.twimg.com http://*.twimg.com; connect-src 'self' https://*.twitter.com http://*.twitter.com; |
Strict-Transport-Security | max-age=63072000; includeSubdomains; |
X-Content-Type-Options | nosniff nosniff |
X-Frame-Options | SAMEORIGIN, SAMEORIGIN SAMEORIGIN |
X-Xss-Protection | 1; mode=block 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.tagcommander.com
stage-evidenzstelle.sparkasse.de
webfonts.sparkasse.de
www.google-analytics.com
18.184.109.129
192.229.233.55
2a00:1450:4001:821::200e
78.46.220.242
0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451
0fd9b29f088a856731ec66eef1d638973b568ce0bee279baec3b373a2618ed3d
1db458a97447dfded5eeb954df5048fc56500528691820f6e0854b607c330d72
2add0d29b1d81d6bf4f62e7679d09edc9f2684399199ba91c88051282cbc969b
39ff04414cf03addf482270982cd193e94de46b8c1ee667bc4af0d795a1a6d3c
49cb9ff9128211321b8830e71d5e2ce1cd4d7b9fd296788469069ea5f6889426
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5a643ec143dc69fbe43c438c31316b31b5e2df9a768b30a8a6d38bc25f146a36
6935a48cad75365f0027f1a419d85a30d6e9e842a60955ba53a2496abc0778c4
730bec52cc44fa4700fb0572ca013500e94ddf6b9351775b3023989c3c3bf5f5
77c25456f59628cab590d889c19626e2dd56580456437c508600d799db369719
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
93df01b1cc9f80770ac2569e37b09b53b4761f25999bc5637379b1ddaee34cfb
b14a45d0ed55a3b9108a59012c0df308fa2bc267705b311c32aa5b45d2c43ab2
b5cc04089e06bdb682497b88c18a0aaa1eed1c1b01cb462ce0cd084389777a88
b5ea79b5a27b5c5e16b383d0448b1ad67b0ad888ccb8643b98014d10baaac136
e46d69be9474ca435a2c32dfcde287b3afa4d7499405926d9506aa17d70f21ce
e9b9f03e1a75cf22118a30e0503f346e8efb6859276d418e7d1a9a07f73f7002
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
f87153921ae6b43428f4cb607b862453667493c5cbf8eaded2c378c225e9a53f