sparkse.info Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://jabx.net/0rs1b
Effective URL:
https://sparkse.info/Start
Submission: On May 16 via automatic, source phishtank (May 16th 2023, 7:44:38 pm UTC) — Scanned from DE

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 4 domains to perform 26 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is sparkse.info.
TLS certificate: Issued by GTS CA 1P5 on May 5th 2023. Valid for: 3 months.

This is the only time sparkse.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sparkasse (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2 2	104.238.221.155 104.238.221.155	23470 (RELIABLESITE) (RELIABLESITE)
2 2	185.230.61.180 185.230.61.180	58182 (WIX_COM) (WIX_COM)
1 26	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	2

2 104.238.221.155 (United States) 2 redirects

ASN23470 (RELIABLESITE, US)
PTR: fu.fastupload.io

jabx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.230.61.180 (San Jose, United States) 2 redirects

ASN58182 (WIX_COM, IL)
PTR: unalocated.61.wixsite.com

kundenportal.hopp.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sparkse.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	sparkse.info 1 redirects sparkse.info	981 KB
2	hopp.to 2 redirects kundenportal.hopp.to	1 KB
2	jabx.net 2 redirects jabx.net	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	28 KB
26	4

	Domain	Requested by
26	sparkse.info	1 redirects sparkse.info
2	kundenportal.hopp.to	2 redirects
2	jabx.net	2 redirects
1	cdnjs.cloudflare.com	sparkse.info
26	4

This site contains no links.

Subject Issuer	Validity	Valid
sparkse.info GTS CA 1P5	`2023-05-05` - `2023-08-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://sparkse.info/Start
Frame ID: 7F3BE5A0BDFA35806A14B4BCA8A6A12A
Requests: 23 HTTP requests in this frame

Frame: https://sparkse.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/27ac9c8d/invisible.js
Frame ID: 19199AE6E41F3EFBDF8597A3ACE50AD4
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sparkasse | Wir ändern unsere Nutzungsbedingungen!

Page URL History Show full URLs

http://jabx.net/0rs1b HTTP 301
https://jabx.net/0rs1b HTTP 301
https://kundenportal.hopp.to/sparkse1d/ HTTP 302
https://kundenportal.hopp.to/sparkse1d HTTP 302
https://sparkse.info/Start Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

<div class="[^"]*parbase

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

96 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

2
IPs

1
Countries

1009 kB
Transfer

4385 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://jabx.net/0rs1b HTTP 301
https://jabx.net/0rs1b HTTP 301
https://kundenportal.hopp.to/sparkse1d/ HTTP 302
https://kundenportal.hopp.to/sparkse1d HTTP 302
https://sparkse.info/Start Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://sparkse.info/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://sparkse.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/27ac9c8d/invisible.js

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Start Show response
sparkse.info/
Redirect Chain

http://jabx.net/0rs1b
https://jabx.net/0rs1b
https://kundenportal.hopp.to/sparkse1d/
https://kundenportal.hopp.to/sparkse1d
https://sparkse.info/Start

153 KB
48 KB

664ms
583ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sparkse.info/Start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfb60612e54bf90e06da12dda76f1f1f1920ecf4629ea7ec9a0dd65df8d88c59

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c861da81d38363f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 16 May 2023 19:44:32 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kay83I2pdP7Qz7fZZm%2Bp3daL5U1ywxlRshdIu4fX64MUNGdBp6ohSSUZuOEafgbvAjhK0rvLhjT3cYRUUClG1EL2A1kfmIelM0eUhoaUc0uiynZPPZozOHS9PM4YSmCUo0fhCkC%2F8z0sZ4U%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-store, no-cache
content-length: 96
content-type: text/html; charset=utf-8
date: Tue, 16 May 2023 19:44:31 GMT
location: https://sparkse.info/Start
pragma: no-cache
server: Pepyaka/1.19.10
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-seen-by: m0j2EEknGIVUW/liY8BLLp7Y6RSVJ7K32tAyhVXc0AWWWveFEnegpnkLxzZh8fhS,jdDt270t0fniy2BugWKBrTfzdeNHxGN8yMy5km3/++pEQfi00LSS7LJu7sdkoLsD/w+LInxbLqkf8vusABWS5Q==,r6yY0ta7bIKrqK70x072ldXylRLNOkeQXxO8qBT8u0E=,ha2BjfnpoaWsa89DnyiXUGYBqf2AejQ55hOO4Z8SDjZWd3xniMsr1HjrszKGvMzr,Z2CFKmJrH4amwwcNldXNqWNnEw8ICpACT+R5Lkp6mRia6jIsxv19OpCP7zoUH0EKzEzq16rTuBBXnv9khVPPlQ==
x-wix-request-id: 1684266271.5728026603975225291

GET
H2 200 sp_styles.css
sparkse.info/assets/css/ 2 MB
214 KB 685ms
683ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sparkse.info/assets/css/sp_styles.css
Requested by: Host: sparkse.info
URL: https://sparkse.info/Start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cdb874ad1a4a0623414f048ec39df6607f87a6dd123830a9bfef18b359e8347

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sparkse.info/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 19:44:33 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 05 May 2023 21:14:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2237d5-5faf8c6924e4a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3KadDFJ8l5Pu7%2F%2BTZLXNmqxLw7PuzhdYyHz5C6VInDQSTMUR7pvEL4NBkaVwmxUGFtvyvQRRdil2880tcsTAQZxh8PJuOwYHy1eMnnuajT1FWVA401imFyRwMXHkZ3kVnzjJNjdyBamUdA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7c861daa78a2363f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 sp_scripts.js Show response
sparkse.info/assets/js/ 641 KB
159 KB 851ms
850ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sparkse.info/assets/js/sp_scripts.js
Requested by: Host: sparkse.info
URL: https://sparkse.info/Start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 340e931741c7162a2f4365577878e7b90d015114993168afbd2c40b674984380

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sparkse.info/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 19:44:33 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 05 May 2023 21:15:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"a02aa-5faf8c943f458-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2u%2F070w24Wk%2F1T1OIt%2F%2BaRgBQt%2BO8V%2F%2FulP6fASnBNJ%2F7rBGkowjTcv5Ttmf0p1a2vWIiA5j1X1kbLCn7%2FDxdE8aEm3hljfJNHkAJptC4NrtkSztCRmjJpJNE9dUsiMBkZHOBOByNVMvGHI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7c861daa78a9363f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 toast.css
sparkse.info/assets/css/ 639 KB
76 KB 669ms
668ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sparkse.info/assets/css/toast.css
Requested by: Host: sparkse.info
URL: https://sparkse.info/Start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1586adc8f49ebd0d1deca54b3bc9d1850e7f299b0880b61e6520a7cf2f336a17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sparkse.info/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 19:44:33 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 05 May 2023 21:14:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"9fb6e-5faf8c6a885e5-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=efPTvA1ql6lILJM4XlA4IbO75rNvIm0rsgrqNFt0da%2Fv4%2BGeVGJzPVVGfwBU4kHsvq6pUaiseEXcfS2%2FVWVCmHz93f9wnlcbF1HDC4ZTUjP%2FdcifuSwAbMm8vfkdpH4tQql60KASNs8FIOc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7c861daa78a4363f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 sun.css
sparkse.info/assets/css/ 14 KB
3 KB 340ms
339ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sparkse.info/assets/css/sun.css
Requested by: Host: sparkse.info
URL: https://sparkse.info/Start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e91bcf65d01abb7d971cf9dda8046e8c20f9c4c53b849c656301b46e7b8131e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sparkse.info/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 19:44:32 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 05 May 2023 21:14:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3721-5faf8c6924e4a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhNQY3mQLu3fPFY2ew3D4pCqmF83Jv6sT02BDN81i%2FmKVEU5w41wmDdmd0LlybAZJRqplH%2FtVd%2Fs%2FDaaBM8vv%2B8vC6DzMtNgzWrjIdkuNy8wWzgMMUK%2F0psMs5Z2QLY84pAp0KOMrtts7qQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7c861daa78a5363f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gridz_structure.css
sparkse.info/assets/css/ 52 KB
7 KB 343ms
342ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sparkse.info/assets/css/gridz_structure.css
Requested by: Host: sparkse.info
URL: https://sparkse.info/Start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22e293166017618b14342bd640677f88274154a0fed8393cb056a16056348de4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sparkse.info/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 19:44:32 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 05 May 2023 21:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ce4b-5faf8c67cf170-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ANvlrvSK1poLS4t5f3V7FnGHlBM7y5l%2FX9snJbC6IIJQU2zetoUohC3vc6ItHcDolHV84NU%2FtFH8Djq%2B2kVJjhtuGxSomWuFJC0FIs3d3z9Rf1QnrJPr7SaCFGB%2BZ%2FOjhlu5gezFdF7u6Q4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7c861daa78a6363f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 light_styles.css
sparkse.info/assets/css/ 5 KB
2 KB 349ms
348ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sparkse.info/assets/css/light_styles.css
Requested by: Host: sparkse.info
URL: https://sparkse.info/Start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74e29c203255ea561c5057e915995667190e189d02c3d5a3e840ab28d2b26b33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sparkse.info/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 19:44:32 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 05 May 2023 21:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"13c0-5faf8c67d0110-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcFe3ngBBIFxYVF0d1J2YCvciI7rI5ABXNdKuUJED6KIL583ruqUApBXfIByqR1%2BKrGfkT33H8naGfJiFOE%2Bs1ejkoN3NQ1tY5WraV1iwDzq4MOqVWksPxHwReEpziqhyvJ9q3O22MZ4j48%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7c861daa78a7363f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bread.svg
sparkse.info/assets/images/ 22 KB
9 KB 364ms
363ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sparkse.info/assets/images/bread.svg
Requested by: Host: sparkse.info
URL: https://sparkse.info/Start
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ee73fd1898343f28de6ed91576db74c150e7f91fd9f6767ae1c52a503a4728a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sparkse.info/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 19:44:33 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 05 May 2023 21:14:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"58be-5faf8c6afd8ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FR47ia5zYADLOj3N8SEHHHaqs1Q%2BrK11hQbHRWj3pK%2FnrKBK8yEi5dsW%2B%2BJeklD%2FJgf7T%2FPys6AH00M0HQYIUP%2Fw45PJO8yTLTwmBtST17qrv30mhJr4rsBRs7qOvJ3YwSMLLdboX7JS1o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7c861db16db11a6b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 drink.svg
sparkse.info/assets/images/ 976 B
873 B 342ms
342ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sparkse.info/assets/images/drink.svg
Requested by: Host: sparkse.info
URL: https://sparkse.info/Start
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4e07d2fb57dd99f228e0d5b6e4e7a8d051ae49bb9643d850ac10369a6158e35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sparkse.info/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 19:44:33 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 05 May 2023 21:14:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3d0-5faf8c6afd8ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIF4wLbXm0Vmfv6IB72bG8Sc7lY6thcXfwPImTle8BodD5OXpR3Qx8VN%2BVoDETuBw%2FfNbqRbDRfiP6kb78%2BDAo4B3evnLqLncpvu9xIgA114lBA5MB%2FHJo6%2B20GIOx0p8Mb4cvsSZwinrfU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7c861db16db21a6b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 img-2.jpg
sparkse.info/assets/images/ 86 KB
86 KB 344ms
343ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sparkse.info/assets/images/img-2.jpg
Requested by: Host: sparkse.info
URL: https://sparkse.info/Start
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 670215d94b14cfa72f9d66889c0232173372b2b7956d84c5a6247dfa337093d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sparkse.info/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 19:44:33 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 05 May 2023 21:14:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "157c0-5faf8c6bc2d3d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7QN89vc7WQcfYnfzwEqEychjo%2BYiovxuPB5POH1scwrxWUfOXLn26H4VA628YIpA2Z0fgncQsXvQ0xZDsI%2FLnO7r08%2B0IPlHzWdn9a08%2F%2FEQrnALdsdxQXbfOSWTo2vHamYF63dmoPfBKtU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7c861db16db41a6b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 88000

GET
H3 404 fetch
sparkse.info/if/neo.proxy/TUFJTkBwb3J0YWw=/neoif/neo/ 0
0 351ms
350ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sparkse.info/if/neo.proxy/TUFJTkBwb3J0YWw=/neoif/neo/fetch?prepare=start&w=W_OLB_N_OLB_BEARB_PROLOG&s=S-ONLBNK-NEO
Requested by: Host: sparkse.info
URL: https://sparkse.info/Start
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sparkse.info/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 19:44:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lwjN9IUbifYLGwDYQtCGSFVCau3SzF2ahDCGAJEE1UzOzO2TeX7ZJBegz2SVx3Q6tKh9gYN6p6FIJqJrXhd%2Bw9ISaxMSSWD5J32ITbGQLHuUn3nMDASxyzkl0YKptraLgzogkgoSQhWcBgc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 7c861dafeb8f1a6b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.3/ 88 KB
28 KB 95ms
36ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.3/jquery.min.js

Requested by

Host: sparkse.info
URL: https://sparkse.info/Start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://sparkse.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 19:44:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2256597
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28112
last-modified: Wed, 21 Dec 2022 00:05:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "63a24ddb-6dd0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHX28KdbXrmEy3EIrrugXa0MW1SJgK7%2Bp2oBkOwLn3uOD93A5aISEKMmHbpIMgZnR6OLsNsH%2BWQqVcCGrRLkfOqywqQ0UIA5CR6Ts0BnIOJN%2F8vJLvjPb%2FP21A6jxDBes%2BpXnDR3AZh%2BkoXTMEfk6mSX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c861db0ffda1bc3-FRA
expires: Sun, 05 May 2024 19:44:33 GMT

GET
H3 404 require.js
sparkse.info/if/neo.proxy/TUFJTkBwb3J0YWw=/neoif/taoospm/js-min/lib/ 0
0 338ms
338ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sparkse.info/if/neo.proxy/TUFJTkBwb3J0YWw=/neoif/taoospm/js-min/lib/require.js
Requested by: Host: sparkse.info
URL: https://sparkse.info/Start
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sparkse.info/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 19:44:33 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=haui2l9yn7jte6TfRPHI5Fqscgt5c1HJ8QE3rj1qu5r%2FuVFHa53YFrHyAkX7P38fTojUh50QzTvI9%2FPDe79toBs9MlBVJy5WbdybE9n0AtVZ9bYazYgpGG15KNWmR0KFYaIWMF74mARuwak%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 7c861db16db61a6b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Sparkasse_web_Rg.woff
sparkse.info/assets/css/cs_haspa/fonts/ 41 KB
41 KB 364ms
363ms Font
font/woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sparkse.info/assets/css/cs_haspa/fonts/Sparkasse_web_Rg.woff
Requested by: Host: sparkse.info
URL: https://sparkse.info/assets/css/sp_styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451

Request headers

Referer: https://sparkse.info/assets/css/sp_styles.css
Origin: https://sparkse.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 19:44:33 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 05 May 2023 21:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "a200-5faf8c67cc28f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HN%2FbB%2FV%2FGSYFn1IiSksNskYRgjQx%2FBFPXvoVGphPVNtckQUtRHhmOALrEvp1tuMk2wol%2BFhGFsU7jhtF2hGAW6dr6pW74LPAMtnlhZbz%2F1BDq0VRwqRNfsyPWW2K2av9aCpfY9ww817%2Fa2g%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7c861db18de41a6b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41472

GET
H3 200 pictos-if.woff
sparkse.info/assets/css/cs_haspa/fonts/ 197 KB
198 KB 375ms
373ms Font
font/woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sparkse.info/assets/css/cs_haspa/fonts/pictos-if.woff
Requested by: Host: sparkse.info
URL: https://sparkse.info/assets/css/sp_styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 385bbee80414712855e9a4250cd4dcbbff192dc79136cf99fa5b62075d3bb0ad

Request headers

Referer: https://sparkse.info/assets/css/sp_styles.css
Origin: https://sparkse.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 19:44:33 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 05 May 2023 21:14:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "315c8-5faf8c670dba1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fw2vRsg3jm33y1s157A4yjLLChiqk963i1WVHoZuA602qZlTk3Kh9au%2BzljSHV1TOgn62JCat83oS7dg5tEAkqqB9bw7V5SkFoQhSD0WL5eCTSEs9gBZSpcdO5EKPhpNs1FzqyACR7dhD%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7c861db18de81a6b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 202184

GET
H3 404 SparkasseNEURg-Bold.woff2
sparkse.info/assets/ 0
0 396ms
395ms Font
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sparkse.info/assets/SparkasseNEURg-Bold.woff2
Requested by: Host: sparkse.info
URL: https://sparkse.info/assets/css/light_styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://sparkse.info/assets/css/light_styles.css
Origin: https://sparkse.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 19:44:33 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2B5crQ4ahxaEo%2BjK4uI5ilTNCtAxSZsUZqGRVhVMvVgk%2BI7wp7tqDxArqsQBXwgjEaSODYzbWZDSj%2BCfWAbUgp2RqT9gwLVNxOlcby57dMmEU7UZu3LsISo27g39x5i5bM5gmIO%2BH6pT88w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 7c861db18de91a6b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 SparkasseNEUMedium-Regular.woff2
sparkse.info/assets/ 0
0 397ms
396ms Font
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sparkse.info/assets/SparkasseNEUMedium-Regular.woff2
Requested by: Host: sparkse.info
URL: https://sparkse.info/assets/css/light_styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://sparkse.info/assets/css/light_styles.css
Origin: https://sparkse.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 19:44:33 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=boXcVTPZqRTSoSY7pjaVr79W4ldkbkhOggz7oA3p0vtpV58mcPn3YLBjVld6Qpt5ABGRA9FPnLua4m%2FOiFwYEt51ydBnUViRjWN%2B0rrzqwDnIWdt51V7oWc6Ten%2BlNxdRYN8ytlOettt24c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 7c861db18dea1a6b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 SparkasseNEURg-Regular.woff2
sparkse.info/assets/ 0
0 397ms
396ms Font
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sparkse.info/assets/SparkasseNEURg-Regular.woff2
Requested by: Host: sparkse.info
URL: https://sparkse.info/assets/css/light_styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://sparkse.info/assets/css/light_styles.css
Origin: https://sparkse.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 19:44:33 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQcMC%2FPvyoCDwLkMawZvwNsn8mFJmVLS%2BmZeg7HZzV11gmZFgC6Je1e62WKkIWvi8EO9ANx5e5DonJxXdk0vJOpHhMGaLFaURGO2UJ0FPcK0UayBMbWelQLmwpgqvRmqYT5yn8QDFBSjqOg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 7c861db19deb1a6b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 ospm_v2.css
sparkse.info/if/neo.proxy/TUFJTkBwb3J0YWw=/neoif/taoospm/css/ospm/ 0
0 341ms
340ms Stylesheet
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sparkse.info/if/neo.proxy/TUFJTkBwb3J0YWw=/neoif/taoospm/css/ospm/ospm_v2.css
Requested by: Host: sparkse.info
URL: https://sparkse.info/Start
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sparkse.info/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 19:44:33 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pimjZDeoM0JpbTEl7gOhrBtgZxc%2BZYVM05dytG%2B1Fo%2FYYpLZI%2FIk8rS%2FoKRlUtVjR2e0ot25A90kdjdxq0FqqW2ffOG383opVSix0z2YfARdHFUgHaQICSBhfPCfW3815NrbO5ADEP5ISzs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 7c861db21ebe1a6b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 ospm_if_v2.css
sparkse.info/if/neo.proxy/TUFJTkBwb3J0YWw=/neoif/taoospm/css/ospm/ 0
0 343ms
343ms Stylesheet
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sparkse.info/if/neo.proxy/TUFJTkBwb3J0YWw=/neoif/taoospm/css/ospm/ospm_if_v2.css
Requested by: Host: sparkse.info
URL: https://sparkse.info/Start
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sparkse.info/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 19:44:33 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gLr%2FA6a4uMBTxBmjY%2FAA2mjavDYeW3jf3X99upNnG7iMujPk6NgDw59eQSpNBTa%2Fxxv8m3ouc2MJxAUNK06f0vPZ8DGkwXlG53MtmwwdltQhN6j9nriXSL5Sy94juymDYRB8WnKfNOwnNTQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 7c861db21ec01a6b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Start
sparkse.info/ 38 KB
38 KB 214ms
213ms Image
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sparkse.info/Start
Requested by: Host: sparkse.info
URL: https://sparkse.info/Start
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sparkse.info/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 19:44:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cv4nYIVV6GAUzOkAPNNaqHgmddtG%2FzmQG%2FPN518kmpBAz1vebYEiR%2BXhtrFirVzfU4eRZTzM3k0Bc%2FZX5m0hT7TyusSHXzMF2seDgQuyCj4J0xl%2F1ovYubj8Hr4OsSL9%2FLaIJm98uHrIcYM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 7c861db21ec21a6b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 Start Show response
sparkse.info/ 153 KB
48 KB 357ms
357ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sparkse.info/Start
Requested by: Host: sparkse.info
URL: https://sparkse.info/Start
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0974576cb6f7597f7cbfdb59549527f3fe577b7becf3b7267250237307993f23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sparkse.info/Start
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 19:44:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BBAKqVkUJAdRlnEERd0xoMuOyQmUGg5WlT1HjuHrS5RHPLEWYNUFbHG0FC8uYEgxWRq%2FOyWakpxQMDB%2BVmsaWeN4HhDQzXVxvIepQmBRd%2F%2FH0e%2B%2Bcu7RDLbbDSimV2fK3%2Fq1hLS6DngQ2PE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 7c861db21ec31a6b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 Sparkasse_web_Bd.woff
sparkse.info/assets/css/cs_haspa/fonts/ 36 KB
37 KB 523ms
522ms Font
font/woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sparkse.info/assets/css/cs_haspa/fonts/Sparkasse_web_Bd.woff
Requested by: Host: sparkse.info
URL: https://sparkse.info/assets/css/sp_styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9b9f03e1a75cf22118a30e0503f346e8efb6859276d418e7d1a9a07f73f7002

Request headers

Referer: https://sparkse.info/assets/css/sp_styles.css
Origin: https://sparkse.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 19:44:34 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 05 May 2023 21:14:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "901c-5faf8c6748525"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6ci8mXRTQZ291LW%2B%2FV1ssPZde8XHboy3iRGqAm7UsVHG6REf5N2y%2BvdxRMcyfnHBnpiO1DakzjvhHbhCmC7zU9v3rIeIEK5HWiYSLL%2B6mle5CU5GGx%2B7RJbzH5tlkTXqnI8y35lP8L%2Fw2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7c861db23eeb1a6b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36892

GET
H3

200

invisible.js Show response
sparkse.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/27ac9c8d/ Frame 1919
Redirect Chain

https://sparkse.info/cdn-cgi/challenge-platform/scripts/invisible.js
https://sparkse.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/27ac9c8d/invisible.js

26 KB
12 KB

27ms
27ms

Script
application/javascript

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sparkse.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/27ac9c8d/invisible.js

Requested by

Host: sparkse.info
URL: https://sparkse.info/Start

Protocol

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b2b31b2df187757cd8c8fe5f9bff1cb11dba25f39e4ec3e36f6201ddbefe3ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 19:44:33 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTmRGh%2Fe7qAmQFAAnftBM0umuCBrBfR4YcM1WXai05MIDgYTUVdnOZ5eDgoZPEPS0rdo63hZTibccGK5SNRVegJgg%2BPHyNy5CpC%2Fz8Kyixr1xAzz45kfIDrbaL5AH2sqz05wrcE0Xe3NgqU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7c861db2bfa01a6b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Tue, 16 May 2023 19:44:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mPKU5kAWrjeGh%2FJNiCX%2B601FwOyw0iXKUAf4AEYuFS1WiIAwVcNxX%2BSk80IGga226Ot1YkrB9Fjn4amf8W3fTktRhW%2FRJqg4kOrQnu6qgckYp66A9fXeqh%2Fe%2FHcjJ7Iv85sv7%2BPYA2zUO4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/27ac9c8d/invisible.js
cache-control: max-age=300, public
cf-ray: 7c861db25f251a6b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
sparkse.info/cdn-cgi/challenge-platform/h/b/scripts/ Frame 1919 6 KB
3 KB 26ms
26ms Other
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sparkse.info/cdn-cgi/challenge-platform/h/b/scripts/pica.js

Requested by

Host: sparkse.info
URL: https://sparkse.info/Start

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e1aaff6c5d9aad4fd8fb25235090c736794fb5be2a576855385f78cd0e27f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 19:44:33 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7OlaC1cthzRB%2FUPzv%2FeuX3FxwcMyPQpWn9BwTjHkjZviCrUnj3eM0EddpGpRmBvexJup4QWqbbxAHmUFKRJYqR7aMIs1FRH1etHF7tD1D1VJ2b8WiVsgZAgFw8mTVCNn6H6B2Xf28mv7Pg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7c861db308051a6b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 7c861da81d38363f Show response
sparkse.info/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 1919 2 B
634 B 43ms
41ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sparkse.info/cdn-cgi/challenge-platform/h/b/cv/result/7c861da81d38363f
Requested by: Host: sparkse.info
URL: https://sparkse.info/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 16 May 2023 19:44:34 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8t0jtwM6RQLnZmXsWtizEibB3BaBT8hEjC15Qr0zsu5r40o1LCLqle7crUuQqATTkpTJzh%2B8CRMYjLCHZAj4DUa4qpapiCC8oQRyNPKqyHxqz797y60IjKyVlSJhSPN%2FiPPAdcqo%2FnbqMGU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7c861db46a291a6b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sparkasse (Banking)

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
jabx.net/	1970-01-20 11:51:13	Name: XSRF-TOKEN Value: eyJpdiI6IlV0Wnk2VTRDazdEUFdRU084c1Roamc9PSIsInZhbHVlIjoiRW1UWXF4c24wRTZtZFMzTitKWXB2bUZQUVp6SG5BWXFtVnBVU3V3VjI0aTFCRy9JM0JwKzlkb2JSbDVkVFp6OUdwb1N6aExacEw5TkR2QVBkcGJsRTRLVHdRU2pkcExYMEhRMldrNjZVY0lnS3ZTK1hQRksvTExETUM4SDdZRjEiLCJtYWMiOiJhZTdjZTlmNmZjMjM5NGE4NWZjOTRkNzFiZDczNmI4MTFjYjI2MjhhNDdlZmQ4NjNjYjJmOTE5NjFhYzkyODcwIiwidGFnIjoiIn0%3D
jabx.net/	1970-01-20 11:51:13	Name: phpshort_session Value: eyJpdiI6IjJtM2ZrMG9mRk9nVnJMeXl5Vkg1M3c9PSIsInZhbHVlIjoicDlSODJjeGo5T2dHd0psTjhDQWZwTDFSSmRMdHFRbGxRcnhITTR5YUVHamk4dkY3aHdhZkUwb2syT1FIZlhuWHRBbXFLbTBlajdEdWFMdzZQMkZ6eEM3eEJVcU9NS3htVWg1cEsvTXJvTjljUnV1RlF4bkZHWlY1Z3pwbzhFSVgiLCJtYWMiOiI0YTg1ODFhMmZiZjA2YTEyNmMwYzUzZGQwMjcyOTFhNmJmNzIyYzI3NjJkYzA4YjIzZjdmMDlmNjJiMGE4MzExIiwidGFnIjoiIn0%3D
sparkse.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: 05i9ma36ph24itmhi55hru9g3t
.sparkse.info/	1970-01-20 11:51:08	Name: __cf_bm Value: D.9bu7ZBK2.XTLlwGcINc5heInw_u85XLyHoGZLDiAI-1684266274-0-AYDMITmGdXE9kzl/Ae/m6jJSNYPKuS+C/OzAZn8mnKOdPIsh4oYknPtU0TYtOhj4YFYH/phaWhOmZhA5MXTcz/5g/gTYOs5prpTm05vQBlGL

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sparkse.info/if/neo.proxy/TUFJTkBwb3J0YWw=/neoif/neo/fetch?prepare=start&w=W_OLB_N_OLB_BEARB_PROLOG&s=S-ONLBNK-NEO Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sparkse.info/if/neo.proxy/TUFJTkBwb3J0YWw=/neoif/taoospm/js-min/lib/require.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sparkse.info/assets/SparkasseNEURg-Bold.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sparkse.info/assets/SparkasseNEUMedium-Regular.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sparkse.info/assets/SparkasseNEURg-Regular.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sparkse.info/if/neo.proxy/TUFJTkBwb3J0YWw=/neoif/taoospm/css/ospm/ospm_v2.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sparkse.info/if/neo.proxy/TUFJTkBwb3J0YWw=/neoif/taoospm/css/ospm/ospm_if_v2.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
jabx.net
kundenportal.hopp.to
sparkse.info
104.238.221.155
185.230.61.180
2606:4700::6811:180e
2a06:98c1:3121::3
0974576cb6f7597f7cbfdb59549527f3fe577b7becf3b7267250237307993f23
0e9eb66a1b33ae648ada3c56eb55fa149c4f1b88316b5a7255ca9b076740f451
1586adc8f49ebd0d1deca54b3bc9d1850e7f299b0880b61e6520a7cf2f336a17
22e293166017618b14342bd640677f88274154a0fed8393cb056a16056348de4
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2ee73fd1898343f28de6ed91576db74c150e7f91fd9f6767ae1c52a503a4728a
340e931741c7162a2f4365577878e7b90d015114993168afbd2c40b674984380
385bbee80414712855e9a4250cd4dcbbff192dc79136cf99fa5b62075d3bb0ad
670215d94b14cfa72f9d66889c0232173372b2b7956d84c5a6247dfa337093d8
6b2b31b2df187757cd8c8fe5f9bff1cb11dba25f39e4ec3e36f6201ddbefe3ca
74e29c203255ea561c5057e915995667190e189d02c3d5a3e840ab28d2b26b33
8cdb874ad1a4a0623414f048ec39df6607f87a6dd123830a9bfef18b359e8347
8e1aaff6c5d9aad4fd8fb25235090c736794fb5be2a576855385f78cd0e27f16
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
cfb60612e54bf90e06da12dda76f1f1f1920ecf4629ea7ec9a0dd65df8d88c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e91bcf65d01abb7d971cf9dda8046e8c20f9c4c53b849c656301b46e7b8131e0
e9b9f03e1a75cf22118a30e0503f346e8efb6859276d418e7d1a9a07f73f7002
f4e07d2fb57dd99f228e0d5b6e4e7a8d051ae49bb9643d850ac10369a6158e35

sparkse.info Open in urlscan Pro 2a06:98c1:3121::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

96 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

2 IPs

1 Countries

1009 kBTransfer

4385 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

sparkse.info Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

96 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

2
IPs

1
Countries

1009 kB
Transfer

4385 kB
Size

4
Cookies

26 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!