stage-evidenzstelle.sparkasse.de Open in urlscan Pro
18.184.109.129 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://stage-evidenzstelle.sparkasse.de/
Effective URL:
https://stage-evidenzstelle.sparkasse.de/auth/login
Submission: On March 02 via automatic, source certstream-suspicious (March 2nd 2020, 11:42:09 am UTC)

Summary HTTP 17 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 18.184.109.129, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is stage-evidenzstelle.sparkasse.de.
TLS certificate: Issued by D-TRUST SSL Class 3 CA 1 EV 2009 on March 5th 2019. Valid for: a year.

This is the only time stage-evidenzstelle.sparkasse.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	18.184.109.129 18.184.109.129	16509 (AMAZON-02) (AMAZON-02)
1	78.46.220.242 78.46.220.242	24940 (HETZNER-AS) (HETZNER-AS)
1	192.229.233.55 192.229.233.55	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
17	5

14 18.184.109.129 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-109-129.eu-central-1.compute.amazonaws.com

stage-evidenzstelle.sparkasse.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.220.242 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: webfonts.sparkasse.de

webfonts.sparkasse.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.233.55 (Los Angeles, United States)

ASN15133 (EDGECAST, US)

cdn.tagcommander.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	sparkasse.de 1 redirects stage-evidenzstelle.sparkasse.de webfonts.sparkasse.de	499 KB
2	google-analytics.com www.google-analytics.com	18 KB
1	tagcommander.com cdn.tagcommander.com	9 KB
17	3

	Domain	Requested by
14	stage-evidenzstelle.sparkasse.de	1 redirects stage-evidenzstelle.sparkasse.de
2	www.google-analytics.com	cdn.tagcommander.com stage-evidenzstelle.sparkasse.de
1	cdn.tagcommander.com	stage-evidenzstelle.sparkasse.de
1	webfonts.sparkasse.de	stage-evidenzstelle.sparkasse.de
17	4

This site contains links to these domains. Also see Links.

Domain
extranet.sparkasse.de

Subject Issuer	Validity	Valid
evidenzstelle.sparkasse.de D-TRUST SSL Class 3 CA 1 EV 2009	`2019-03-05` - `2020-03-08`	a year	crt.sh
webfonts.sparkasse.de D-TRUST SSL Class 3 CA 1 2009	`2019-11-25` - `2020-11-28`	a year	crt.sh
cdn.tagcommander.com DigiCert SHA2 Secure Server CA	`2017-10-26` - `2020-04-12`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://stage-evidenzstelle.sparkasse.de/auth/login
Frame ID: 268D1BF07C276CE03C4E05D5462AC4FA
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://stage-evidenzstelle.sparkasse.de/ HTTP 302
https://stage-evidenzstelle.sparkasse.de/auth/login Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /bootstrap[.-]([\d.]*\d)[^\/]*\.js/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery-ui.*\.js/i

Page Statistics

17
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

633 kB
Transfer

1349 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://extranet.sparkasse.de/backend/admin_user_be/index_registration.php
Title: extranet.sparkasse.de

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://stage-evidenzstelle.sparkasse.de/ HTTP 302
https://stage-evidenzstelle.sparkasse.de/auth/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
stage-evidenzstelle.sparkasse.de/auth/
Redirect Chain

https://stage-evidenzstelle.sparkasse.de/
https://stage-evidenzstelle.sparkasse.de/auth/login

8 KB
4 KB

100ms
97ms

Document
text/html

18.184.109.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stage-evidenzstelle.sparkasse.de/auth/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.109.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-109-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

0fd9b29f088a856731ec66eef1d638973b568ce0bee279baec3b373a2618ed3d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.tagcommander.com www.google-analytics.com https://.twitter.com http://.twitter.com https://.twimg.com http://.twimg.com; style-src 'self' 'unsafe-inline' https://webfonts.sparkasse.de https://.twitter.com http://.twitter.com https://.twimg.com http://.twimg.com; font-src 'self' data: https://webfonts.sparkasse.de; child-src 'self' http://www.youtube.com https://www.youtube.com http://youtube.com https://youtube.com http://youtu.be https://youtu.be https://player.vimeo.com http://player.vimeo.com https://www.vimeo.com http://www.vimeo.com https://vimeo.com http://vimeo.com https://.twitter.com http://.twitter.com https://.twimg.com http://.twimg.com; frame-src 'self' http://www.youtube.com https://www.youtube.com http://youtube.com https://youtube.com http://youtu.be https://youtu.be https://player.vimeo.com http://player.vimeo.com https://www.vimeo.com http://www.vimeo.com https://vimeo.com http://vimeo.com https://twitter.com http://twitter.com https://.twitter.com http://.twitter.com https://.twimg.com http://.twimg.com https://sparkassen-mediacenter.de; img-src 'self' data: blob: www.google-analytics.com https://.twitter.com http://.twitter.com https://.twimg.com http://.twimg.com; connect-src 'self' https://.twitter.com http://.twitter.com;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Host: stage-evidenzstelle.sparkasse.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: PHPSESSID=kac9tenvbgea224isde3flkikt
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Content-Encoding: gzip
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.tagcommander.com www.google-analytics.com https://*.twitter.com http://*.twitter.com https://*.twimg.com http://*.twimg.com; style-src 'self' 'unsafe-inline' https://webfonts.sparkasse.de https://*.twitter.com http://*.twitter.com https://*.twimg.com http://*.twimg.com; font-src 'self' data: https://webfonts.sparkasse.de; child-src 'self' http://www.youtube.com https://www.youtube.com http://youtube.com https://youtube.com http://youtu.be https://youtu.be https://player.vimeo.com http://player.vimeo.com https://www.vimeo.com http://www.vimeo.com https://vimeo.com http://vimeo.com https://*.twitter.com http://*.twitter.com https://*.twimg.com http://*.twimg.com; frame-src 'self' http://www.youtube.com https://www.youtube.com http://youtube.com https://youtube.com http://youtu.be https://youtu.be https://player.vimeo.com http://player.vimeo.com https://www.vimeo.com http://www.vimeo.com https://vimeo.com http://vimeo.com https://twitter.com http://twitter.com https://*.twitter.com http://*.twitter.com https://*.twimg.com http://*.twimg.com https://sparkassen-mediacenter.de; img-src 'self' data: blob: www.google-analytics.com https://*.twitter.com http://*.twitter.com https://*.twimg.com http://*.twimg.com; connect-src 'self' https://*.twitter.com http://*.twitter.com;
Content-Type: text/html; charset=UTF-8
Date: Mon, 02 Mar 2020 11:41:50 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Vary: Accept-Encoding
X-Content-Type-Options: nosniff nosniff
X-Frame-Options: SAMEORIGIN, SAMEORIGIN SAMEORIGIN
X-XSS-Protection: 1; mode=block 1; mode=block
Content-Length: 2325
Connection: keep-alive

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Mon, 02 Mar 2020 11:41:50 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: /auth/login
Pragma: no-cache
Server: Apache
Set-Cookie: PHPSESSID=kac9tenvbgea224isde3flkikt; path=/; domain=.stage-evidenzstelle.sparkasse.de; secure; HttpOnly;HttpOnly;Secure;HttpOnly;Secure
Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-Content-Type-Options: nosniff nosniff
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-XSS-Protection: 1; mode=block 1; mode=block
Content-Length: 0
Connection: keep-alive

GET
H2 200 sparkasse_web.css
webfonts.sparkasse.de/ 397 KB
300 KB 42ms
15ms Stylesheet
text/css 78.46.220.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.sparkasse.de/sparkasse_web.css
Requested by: Host: stage-evidenzstelle.sparkasse.de
URL: https://stage-evidenzstelle.sparkasse.de/auth/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.46.220.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: webfonts.sparkasse.de
Software: Apache /
Resource Hash: b14a45d0ed55a3b9108a59012c0df308fa2bc267705b311c32aa5b45d2c43ab2

Request headers

Referer: https://stage-evidenzstelle.sparkasse.de/auth/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 02 Mar 2020 11:41:50 GMT
content-encoding: gzip
last-modified: Thu, 15 Aug 2019 11:08:47 GMT
server: Apache
access-control-allow-origin: *
etag: "634b1-59025e5d750c7-gzip"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
expires: Wed, 01 Apr 2020 11:41:50 GMT

GET
H/1.1 200
OK style.css
stage-evidenzstelle.sparkasse.de/fonts/sfp-evidenzstelle-icons/ 3 KB
1 KB 11ms
9ms Stylesheet
text/css 18.184.109.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stage-evidenzstelle.sparkasse.de/fonts/sfp-evidenzstelle-icons/style.css

Requested by

Host: stage-evidenzstelle.sparkasse.de
URL: https://stage-evidenzstelle.sparkasse.de/auth/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.109.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-109-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

6935a48cad75365f0027f1a419d85a30d6e9e842a60955ba53a2496abc0778c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://stage-evidenzstelle.sparkasse.de/auth/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Mon, 02 Mar 2020 11:41:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Wed, 12 Feb 2020 22:32:54 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 740
X-XSS-Protection: 1; mode=block, 1; mode=block

GET
H/1.1 200
OK bootstrap-3.3.7.min.css
stage-evidenzstelle.sparkasse.de/css/ 148 KB
21 KB 40ms
29ms Stylesheet
text/css 18.184.109.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stage-evidenzstelle.sparkasse.de/css/bootstrap-3.3.7.min.css

Requested by

Host: stage-evidenzstelle.sparkasse.de
URL: https://stage-evidenzstelle.sparkasse.de/auth/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.109.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-109-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

730bec52cc44fa4700fb0572ca013500e94ddf6b9351775b3023989c3c3bf5f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://stage-evidenzstelle.sparkasse.de/auth/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Mon, 02 Mar 2020 11:41:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Wed, 12 Feb 2020 22:32:54 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 21303
X-XSS-Protection: 1; mode=block, 1; mode=block

GET
H/1.1 200
OK jquery-ui.min.css
stage-evidenzstelle.sparkasse.de/js/jquery-ui-1.10.4/themes/base/minified/ 25 KB
5 KB 25ms
10ms Stylesheet
text/css 18.184.109.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stage-evidenzstelle.sparkasse.de/js/jquery-ui-1.10.4/themes/base/minified/jquery-ui.min.css

Requested by

Host: stage-evidenzstelle.sparkasse.de
URL: https://stage-evidenzstelle.sparkasse.de/auth/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.109.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-109-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

49cb9ff9128211321b8830e71d5e2ce1cd4d7b9fd296788469069ea5f6889426

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://stage-evidenzstelle.sparkasse.de/auth/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Mon, 02 Mar 2020 11:41:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Wed, 12 Feb 2020 22:32:55 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 4889
X-XSS-Protection: 1; mode=block, 1; mode=block

GET
H/1.1 200
OK style.css
stage-evidenzstelle.sparkasse.de/css/front/ 72 KB
12 KB 36ms
21ms Stylesheet
text/css 18.184.109.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stage-evidenzstelle.sparkasse.de/css/front/style.css?201610010

Requested by

Host: stage-evidenzstelle.sparkasse.de
URL: https://stage-evidenzstelle.sparkasse.de/auth/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.109.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-109-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

2add0d29b1d81d6bf4f62e7679d09edc9f2684399199ba91c88051282cbc969b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://stage-evidenzstelle.sparkasse.de/auth/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Mon, 02 Mar 2020 11:41:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Wed, 12 Feb 2020 22:32:54 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 11860
X-XSS-Protection: 1; mode=block, 1; mode=block

GET
H/1.1 200
OK logo.svg
stage-evidenzstelle.sparkasse.de/images/ 5 KB
6 KB 36ms
20ms Image
image/svg+xml 18.184.109.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stage-evidenzstelle.sparkasse.de/images/logo.svg

Requested by

Host: stage-evidenzstelle.sparkasse.de
URL: https://stage-evidenzstelle.sparkasse.de/auth/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.109.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-109-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

1db458a97447dfded5eeb954df5048fc56500528691820f6e0854b607c330d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://stage-evidenzstelle.sparkasse.de/auth/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 02 Mar 2020 11:41:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Wed, 12 Feb 2020 22:32:54 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5454
X-XSS-Protection: 1; mode=block, 1; mode=block

GET
H/1.1 200
OK jquery-1.11.1.min.js Show response
stage-evidenzstelle.sparkasse.de/js/ 94 KB
33 KB 44ms
28ms Script
application/javascript 18.184.109.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stage-evidenzstelle.sparkasse.de/js/jquery-1.11.1.min.js

Requested by

Host: stage-evidenzstelle.sparkasse.de
URL: https://stage-evidenzstelle.sparkasse.de/auth/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.109.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-109-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://stage-evidenzstelle.sparkasse.de/auth/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 02 Mar 2020 11:41:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Wed, 12 Feb 2020 22:32:55 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 33225
X-XSS-Protection: 1; mode=block, 1; mode=block

GET
H/1.1 200
OK jquery-ui-1.9.2.custom.min.js Show response
stage-evidenzstelle.sparkasse.de/js/ 232 KB
62 KB 42ms
37ms Script
application/javascript 18.184.109.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stage-evidenzstelle.sparkasse.de/js/jquery-ui-1.9.2.custom.min.js

Requested by

Host: stage-evidenzstelle.sparkasse.de
URL: https://stage-evidenzstelle.sparkasse.de/auth/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.109.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-109-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

f87153921ae6b43428f4cb607b862453667493c5cbf8eaded2c378c225e9a53f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://stage-evidenzstelle.sparkasse.de/auth/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 02 Mar 2020 11:41:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Wed, 12 Feb 2020 22:32:55 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: application/javascript
transfer-encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block, 1; mode=block

GET
H/1.1 200
OK jquery.form-validator.js Show response
stage-evidenzstelle.sparkasse.de/js/form-validator/ 74 KB
19 KB 25ms
25ms Script
application/javascript 18.184.109.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stage-evidenzstelle.sparkasse.de/js/form-validator/jquery.form-validator.js

Requested by

Host: stage-evidenzstelle.sparkasse.de
URL: https://stage-evidenzstelle.sparkasse.de/auth/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.109.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-109-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

77c25456f59628cab590d889c19626e2dd56580456437c508600d799db369719

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://stage-evidenzstelle.sparkasse.de/auth/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 02 Mar 2020 11:41:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Wed, 12 Feb 2020 22:32:55 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 18765
X-XSS-Protection: 1; mode=block, 1; mode=block

GET
H/1.1 200
OK jquery.placeholder.min.js Show response
stage-evidenzstelle.sparkasse.de/js/ 3 KB
2 KB 9ms
8ms Script
application/javascript 18.184.109.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stage-evidenzstelle.sparkasse.de/js/jquery.placeholder.min.js

Requested by

Host: stage-evidenzstelle.sparkasse.de
URL: https://stage-evidenzstelle.sparkasse.de/auth/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.109.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-109-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

93df01b1cc9f80770ac2569e37b09b53b4761f25999bc5637379b1ddaee34cfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://stage-evidenzstelle.sparkasse.de/auth/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 02 Mar 2020 11:41:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Wed, 12 Feb 2020 22:32:55 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1272
X-XSS-Protection: 1; mode=block, 1; mode=block

GET
H/1.1 200
OK jquery.fileupload.js Show response
stage-evidenzstelle.sparkasse.de/js/ 61 KB
13 KB 12ms
11ms Script
application/javascript 18.184.109.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stage-evidenzstelle.sparkasse.de/js/jquery.fileupload.js

Requested by

Host: stage-evidenzstelle.sparkasse.de
URL: https://stage-evidenzstelle.sparkasse.de/auth/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.109.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-109-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

5a643ec143dc69fbe43c438c31316b31b5e2df9a768b30a8a6d38bc25f146a36

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://stage-evidenzstelle.sparkasse.de/auth/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 02 Mar 2020 11:41:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Wed, 12 Feb 2020 22:32:55 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 13037
X-XSS-Protection: 1; mode=block, 1; mode=block

GET
H/1.1 200
OK bootstrap-3.3.7.min.js Show response
stage-evidenzstelle.sparkasse.de/js/ 36 KB
10 KB 11ms
10ms Script
application/javascript 18.184.109.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stage-evidenzstelle.sparkasse.de/js/bootstrap-3.3.7.min.js

Requested by

Host: stage-evidenzstelle.sparkasse.de
URL: https://stage-evidenzstelle.sparkasse.de/auth/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.109.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-109-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

39ff04414cf03addf482270982cd193e94de46b8c1ee667bc4af0d795a1a6d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://stage-evidenzstelle.sparkasse.de/auth/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 02 Mar 2020 11:41:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Wed, 12 Feb 2020 22:32:54 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 9930
X-XSS-Protection: 1; mode=block, 1; mode=block

GET
H2 200 tc_Evidenzstelle.js Show response
cdn.tagcommander.com/2792/ 29 KB
9 KB 45ms
8ms Script
application/javascript 192.229.233.55
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tagcommander.com/2792/tc_Evidenzstelle.js
Requested by: Host: stage-evidenzstelle.sparkasse.de
URL: https://stage-evidenzstelle.sparkasse.de/auth/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.55 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40EA) /
Resource Hash: b5cc04089e06bdb682497b88c18a0aaa1eed1c1b01cb462ce0cd084389777a88

Request headers

Referer: https://stage-evidenzstelle.sparkasse.de/auth/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 02 Mar 2020 11:41:51 GMT
content-encoding: gzip
x-cdn: VDMS
age: 81215
x-cache: HIT
status: 200
x-amz-request-id: 42107EF495BFD8A5
x-amz-id-2: VGWuv0p8dNBgX0ftjkGlcC8b6xb9F61eICbjjy/7bst79FfH5oBG4GykJ3v4AzIuGPD+ZoeUY2M=
last-modified: Thu, 20 Sep 2018 12:28:23 GMT
server: ECS (fcn/40EA)
etag: "e8ec04be6166f5b76e8c95d912f1ac6d+gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
content-length: 9395
expires: Tue, 03 Mar 2020 11:41:51 GMT

GET
DATA 200
OK truncated
/ 41 KB
41 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451

Request headers

Origin: https://stage-evidenzstelle.sparkasse.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ 36 KB
36 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9b9f03e1a75cf22118a30e0503f346e8efb6859276d418e7d1a9a07f73f7002

Request headers

Origin: https://stage-evidenzstelle.sparkasse.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e46d69be9474ca435a2c32dfcde287b3afa4d7499405926d9506aa17d70f21ce

Request headers

Origin: https://stage-evidenzstelle.sparkasse.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H/1.1 200
OK sfp-evidenzstelle-icons.ttf
stage-evidenzstelle.sparkasse.de/fonts/sfp-evidenzstelle-icons/ 9 KB
10 KB 8ms
8ms Font
application/font-sfnt 18.184.109.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stage-evidenzstelle.sparkasse.de/fonts/sfp-evidenzstelle-icons/sfp-evidenzstelle-icons.ttf?vpu1pb

Requested by

Host: stage-evidenzstelle.sparkasse.de
URL: https://stage-evidenzstelle.sparkasse.de/js/jquery-1.11.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.109.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-109-129.eu-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

b5ea79b5a27b5c5e16b383d0448b1ad67b0ad888ccb8643b98014d10baaac136

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://stage-evidenzstelle.sparkasse.de/fonts/sfp-evidenzstelle-icons/style.css
Origin: https://stage-evidenzstelle.sparkasse.de
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 02 Mar 2020 11:41:51 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-Content-Type-Options: nosniff, nosniff
Last-Modified: Wed, 12 Feb 2020 22:32:54 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: application/font-sfnt
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9332
X-XSS-Protection: 1; mode=block, 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.tagcommander.com
URL: https://cdn.tagcommander.com/2792/tc_Evidenzstelle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stage-evidenzstelle.sparkasse.de/auth/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 6580
date: Mon, 02 Mar 2020 09:52:11 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Mon, 02 Mar 2020 11:52:11 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 14ms
13ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=643336323&t=pageview&_s=1&dl=https%3A%2F%2Fstage-evidenzstelle.sparkasse.de%2Fauth%2Flogin&ul=en-us&de=UTF-8&dt=Evidenzstelle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1332572456&gjid=957655200&cid=511442661.1583149311&tid=UA-63643777-19&_gid=2044765318.1583149311&_r=1&cd1=&cd2=&cd3=&cd4=&cd5=&z=488360161

Requested by

Host: stage-evidenzstelle.sparkasse.de
URL: https://stage-evidenzstelle.sparkasse.de/auth/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://stage-evidenzstelle.sparkasse.de/auth/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 02 Mar 2020 11:41:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sparkasse.de/	1970-01-19 07:45:49	Name: _gat Value: 1
.sparkasse.de/	1970-01-19 07:47:15	Name: _gid Value: GA1.2.2044765318.1583149311
.sparkasse.de/	1970-01-20 01:17:01	Name: _ga Value: GA1.2.511442661.1583149311
.sparkasse.de/	1970-01-19 16:31:25	Name: TCPID Value: 120311241516483270332
.stage-evidenzstelle.sparkasse.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: kac9tenvbgea224isde3flkikt

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.tagcommander.com www.google-analytics.com https://.twitter.com http://.twitter.com https://.twimg.com http://.twimg.com; style-src 'self' 'unsafe-inline' https://webfonts.sparkasse.de https://.twitter.com http://.twitter.com https://.twimg.com http://.twimg.com; font-src 'self' data: https://webfonts.sparkasse.de; child-src 'self' http://www.youtube.com https://www.youtube.com http://youtube.com https://youtube.com http://youtu.be https://youtu.be https://player.vimeo.com http://player.vimeo.com https://www.vimeo.com http://www.vimeo.com https://vimeo.com http://vimeo.com https://.twitter.com http://.twitter.com https://.twimg.com http://.twimg.com; frame-src 'self' http://www.youtube.com https://www.youtube.com http://youtube.com https://youtube.com http://youtu.be https://youtu.be https://player.vimeo.com http://player.vimeo.com https://www.vimeo.com http://www.vimeo.com https://vimeo.com http://vimeo.com https://twitter.com http://twitter.com https://.twitter.com http://.twitter.com https://.twimg.com http://.twimg.com https://sparkassen-mediacenter.de; img-src 'self' data: blob: www.google-analytics.com https://.twitter.com http://.twitter.com https://.twimg.com http://.twimg.com; connect-src 'self' https://.twitter.com http://.twitter.com;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.tagcommander.com
stage-evidenzstelle.sparkasse.de
webfonts.sparkasse.de
www.google-analytics.com
18.184.109.129
192.229.233.55
2a00:1450:4001:821::200e
78.46.220.242
0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451
0fd9b29f088a856731ec66eef1d638973b568ce0bee279baec3b373a2618ed3d
1db458a97447dfded5eeb954df5048fc56500528691820f6e0854b607c330d72
2add0d29b1d81d6bf4f62e7679d09edc9f2684399199ba91c88051282cbc969b
39ff04414cf03addf482270982cd193e94de46b8c1ee667bc4af0d795a1a6d3c
49cb9ff9128211321b8830e71d5e2ce1cd4d7b9fd296788469069ea5f6889426
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5a643ec143dc69fbe43c438c31316b31b5e2df9a768b30a8a6d38bc25f146a36
6935a48cad75365f0027f1a419d85a30d6e9e842a60955ba53a2496abc0778c4
730bec52cc44fa4700fb0572ca013500e94ddf6b9351775b3023989c3c3bf5f5
77c25456f59628cab590d889c19626e2dd56580456437c508600d799db369719
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
93df01b1cc9f80770ac2569e37b09b53b4761f25999bc5637379b1ddaee34cfb
b14a45d0ed55a3b9108a59012c0df308fa2bc267705b311c32aa5b45d2c43ab2
b5cc04089e06bdb682497b88c18a0aaa1eed1c1b01cb462ce0cd084389777a88
b5ea79b5a27b5c5e16b383d0448b1ad67b0ad888ccb8643b98014d10baaac136
e46d69be9474ca435a2c32dfcde287b3afa4d7499405926d9506aa17d70f21ce
e9b9f03e1a75cf22118a30e0503f346e8efb6859276d418e7d1a9a07f73f7002
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
f87153921ae6b43428f4cb607b862453667493c5cbf8eaded2c378c225e9a53f

stage-evidenzstelle.sparkasse.de Open in urlscan Pro 18.184.109.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

25 %IPv6

3 Domains

4 Subdomains

5 IPs

2 Countries

633 kBTransfer

1349 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

5 Cookies

Security Headers

Indicators

stage-evidenzstelle.sparkasse.de Open in urlscan Pro
18.184.109.129 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

633 kB
Transfer

1349 kB
Size

5
Cookies

17 HTTP transactions
3 data transactions