Submitted URL: http://sparkonline.boit.us/
Effective URL: https://sparkonline.boit.us/
Submission: On September 15 via api from GB — Scanned from US

Summary

This website contacted 7 IPs in 1 countries across 7 domains to perform 19 HTTP transactions. The main IP is 2606:4700:4400::ac40:9861, located in United States and belongs to CLOUDFLARENET, US. The main domain is sparkonline.boit.us.
TLS certificate: Issued by E1 on September 14th 2023. Valid for: 3 months.
This is the only time sparkonline.boit.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
10 thinkific.com
assets.thinkific.com — Cisco Umbrella Rank: 79647
cdn.thinkific.com — Cisco Umbrella Rank: 60365
cdn-themes.thinkific.com — Cisco Umbrella Rank: 85066
import.cdn.thinkific.com — Cisco Umbrella Rank: 72087
214 KB
5 boit.us
sparkonline.boit.us
39 KB
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
225 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 44
21 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1171
7 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 56
1 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
19 7
Domain Requested by
5 cdn.thinkific.com sparkonline.boit.us
5 sparkonline.boit.us 2 redirects sparkonline.boit.us
2 import.cdn.thinkific.com sparkonline.boit.us
2 assets.thinkific.com sparkonline.boit.us
1 fonts.gstatic.com fonts.googleapis.com
1 www.gstatic.com www.google.com
1 www.google-analytics.com sparkonline.boit.us
1 cdn-themes.thinkific.com sparkonline.boit.us
1 maxcdn.bootstrapcdn.com sparkonline.boit.us
1 fonts.googleapis.com sparkonline.boit.us
1 www.google.com sparkonline.boit.us
19 11

This site contains links to these domains. Also see Links.

Domain
www.bankonitusa.com
Subject Issuer Validity Valid
sparkonline.boit.us
E1
2023-09-14 -
2023-12-13
3 months crt.sh
*.thinkific.com
Amazon RSA 2048 M01
2023-08-16 -
2024-09-14
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-04-10 -
2024-04-08
a year crt.sh
www.google.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
thinkific.com
Cloudflare Inc ECC CA-3
2023-08-22 -
2024-08-21
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh

This page contains 2 frames:

Primary Page: https://sparkonline.boit.us/
Frame ID: A550F4B588A43304289915CA8F478E22
Requests: 17 HTTP requests in this frame

Frame: https://sparkonline.boit.us/cdn-cgi/challenge-platform/h/g/scripts/jsd/0cecfec7/main.js
Frame ID: 1D6827325F0E263317C45AB605B94EE4
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

SPARK Online - Online Learning Provided By BankOnIT

Page URL History Show full URLs

  1. http://sparkonline.boit.us/ HTTP 301
    https://sparkonline.boit.us/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

19
Requests

95 %
HTTPS

100 %
IPv6

7
Domains

11
Subdomains

7
IPs

1
Countries

508 kB
Transfer

1310 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sparkonline.boit.us/ HTTP 301
    https://sparkonline.boit.us/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://sparkonline.boit.us/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://sparkonline.boit.us/cdn-cgi/challenge-platform/h/g/scripts/jsd/0cecfec7/main.js

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
sparkonline.boit.us/
Redirect Chain
  • http://sparkonline.boit.us/
  • https://sparkonline.boit.us/
303 KB
35 KB
Document
General
Full URL
https://sparkonline.boit.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17e8fb7741729bb8f87ac8ff2c1fee804fdd7a4586cd72151109c1e4380a31c3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
806d2da32f463361-MIA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 15 Sep 2023 01:43:21 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
f86f504da2387f73c19ad4c05f89194f
x-runtime
0.072160
x-xss-protection
1; mode=block

Redirect headers

CF-RAY
806d2da26e0dda17-MIA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 15 Sep 2023 01:43:20 GMT
Expires
Fri, 15 Sep 2023 02:43:20 GMT
Location
https://sparkonline.boit.us/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
custom_site_theme_required-336c270ef813f4473d1a68d8417521432a352d952fbcdd9f58c2183b3eaa9ed3.css
assets.thinkific.com/assets/
56 KB
9 KB
Stylesheet
General
Full URL
https://assets.thinkific.com/assets/custom_site_theme_required-336c270ef813f4473d1a68d8417521432a352d952fbcdd9f58c2183b3eaa9ed3.css
Requested by
Host: sparkonline.boit.us
URL: https://sparkonline.boit.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:9800:1e:d21e:3d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
336c270ef813f4473d1a68d8417521432a352d952fbcdd9f58c2183b3eaa9ed3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sparkonline.boit.us/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Tue, 08 Aug 2023 00:09:31 GMT
content-encoding
gzip
via
1.1 8f53b5d73ff2f5f8cae7b49606b79bd4.cloudfront.net (CloudFront)
last-modified
Thu, 03 Aug 2023 22:09:44 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
3288831
etag
W/"92afb4199a7b9b7a2d332a25c009c72a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
QtmBkgIQi2a6zn00g8TIupC3bflwSV6cDE7y66yq2a5328K3f-RXfQ==
toga-icons.css
cdn.thinkific.com/assets/toga-css/0.82.0/fonts/
8 KB
2 KB
Stylesheet
General
Full URL
https://cdn.thinkific.com/assets/toga-css/0.82.0/fonts/toga-icons.css
Requested by
Host: sparkonline.boit.us
URL: https://sparkonline.boit.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
755adf4598f2a272e3eaaab463b0ea69db68ec2373a5bdf5bac1c3b87dfce917
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sparkonline.boit.us/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 15 Sep 2023 01:43:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
B6IwpM_0Rlu.b8OYoZNM4ag6_3S0W8hu
age
4350714
x-amz-request-id
GASFE6T1F9NDX906
x-amz-server-side-encryption
AES256
x-amz-id-2
i1jJ+k1ytRc29miE5FObWCKTteDFZ3N+AAO23GKILT7GV+27QYOu7oM/79SkcDUT4VXyoRJGWRg=
last-modified
Mon, 24 Jul 2023 18:48:12 GMT
server
cloudflare
etag
W/"e9c5ec4f3d207f90723e269527bab504"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
806d2da52b8d495e-MIA
expires
Sat, 14 Sep 2024 01:43:21 GMT
toga-product-icons.css
cdn.thinkific.com/assets/toga-css/0.82.0/fonts/
3 KB
1 KB
Stylesheet
General
Full URL
https://cdn.thinkific.com/assets/toga-css/0.82.0/fonts/toga-product-icons.css
Requested by
Host: sparkonline.boit.us
URL: https://sparkonline.boit.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d71f71f397da987bce397bff97f4b892d04fef24b2e307419f55b3f6859cbee
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sparkonline.boit.us/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 15 Sep 2023 01:43:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
wdM4ZXD2XwivmwdW6M1MOedxNcDPzhnf
age
4350714
x-amz-request-id
GAS257WSDSG2X1CY
x-amz-server-side-encryption
AES256
x-amz-id-2
IdneQgGVVFsluip2A6Sv2qr4Zc+xIC/OsaTPsbePfUXzeWCrf/xMkMOomFwCtY+hpioicbQsC6Q=
last-modified
Mon, 24 Jul 2023 18:48:13 GMT
server
cloudflare
etag
W/"64588782dc5242aeacd3e433561a2e09"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
806d2da52b8f495e-MIA
expires
Sat, 14 Sep 2024 01:43:21 GMT
jquery.min.js
cdn.thinkific.com/assets/jquery/3.5.1/
87 KB
31 KB
Script
General
Full URL
https://cdn.thinkific.com/assets/jquery/3.5.1/jquery.min.js
Requested by
Host: sparkonline.boit.us
URL: https://sparkonline.boit.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sparkonline.boit.us/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 15 Sep 2023 01:43:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
TJlVQ1W6DFtqgwSYhO5pQRbWdyJepDZH
age
12714013
x-amz-request-id
9T8F89TF98B590ED
x-amz-server-side-encryption
AES256
x-amz-id-2
VcYr3vofzpUUWSOiyoxmI3VlTdJ6o1xXqJQUIFPa680RLH9ukk3BHo29zSU8jI0d2pGhn0nvudk=
last-modified
Thu, 06 Apr 2023 21:11:05 GMT
server
cloudflare
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
806d2da52b90495e-MIA
expires
Sat, 14 Sep 2024 01:43:21 GMT
jquery-migrate.js
cdn.thinkific.com/assets/jquery-migrate/3.3.1/
24 KB
8 KB
Script
General
Full URL
https://cdn.thinkific.com/assets/jquery-migrate/3.3.1/jquery-migrate.js
Requested by
Host: sparkonline.boit.us
URL: https://sparkonline.boit.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
946b94a8950f5c910c8105ff45168cea66642baa27a398b96c7b81304e2a382a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sparkonline.boit.us/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 15 Sep 2023 01:43:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
sbAFxSH10fxqKcwitZUL2SaIQhAR78WP
age
6785261
x-amz-request-id
XCZZ4EM1E6NGNEQ3
x-amz-server-side-encryption
AES256
x-amz-id-2
EnxSXfHD8TA/MehmbKym4PCXdG6Y5iOIfdfUVDnVdLq+o+SeZ6uvzTUTV+1M9UTfZlv2mbiYmxU=
last-modified
Thu, 06 Apr 2023 21:11:04 GMT
server
cloudflare
etag
W/"a2567f79a66b943e14eea52ff1027af0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
806d2da52b91495e-MIA
expires
Sat, 14 Sep 2024 01:43:21 GMT
rails.min.js
cdn.thinkific.com/assets/jquery-ujs/1.2.2/
9 KB
3 KB
Script
General
Full URL
https://cdn.thinkific.com/assets/jquery-ujs/1.2.2/rails.min.js
Requested by
Host: sparkonline.boit.us
URL: https://sparkonline.boit.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05bc968429f41be17ac5b589da9708e4b9e7a6c9e94b3ca324d56d97b001a7e3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sparkonline.boit.us/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 15 Sep 2023 01:43:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
2g4Ry.xmmjflzbgMZWBFMo4xyUnmr5gc
age
6500717
x-amz-request-id
9BD0078J74ACAX3H
x-amz-server-side-encryption
AES256
x-amz-id-2
X/oTDp06FgDc48li6IWhqh4EZgLrK8L8aPUdaOK2qah2pNNSn2pT7rQkj01tBKZflEuyQI3W5xo=
last-modified
Thu, 29 Jun 2023 23:44:27 GMT
server
cloudflare
etag
W/"d612716f523552c340705dcbb89fdd5a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
806d2da52b92495e-MIA
expires
Sat, 14 Sep 2024 01:43:21 GMT
application-themes-v2-629c5245012b01ce1b6e893cb548f66619f33eae5e3781c6f869cf27a8bf0277.js
assets.thinkific.com/assets/
33 KB
11 KB
Script
General
Full URL
https://assets.thinkific.com/assets/application-themes-v2-629c5245012b01ce1b6e893cb548f66619f33eae5e3781c6f869cf27a8bf0277.js
Requested by
Host: sparkonline.boit.us
URL: https://sparkonline.boit.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:9800:1e:d21e:3d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c4005a10b91367120d25f61979fe4cb5236cb0fded09851553ca34d8c9e3d4f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sparkonline.boit.us/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Tue, 25 Jul 2023 17:51:59 GMT
content-encoding
gzip
via
1.1 8f53b5d73ff2f5f8cae7b49606b79bd4.cloudfront.net (CloudFront)
last-modified
Tue, 25 Jul 2023 17:46:20 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
4434683
etag
W/"727a00140eb62c8c9411301b7af5b685"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
TG-RbUz1xBPqANqf6huSWm-9QSSAZ-DPwLml6tVae0Ji9MUV4Fgthg==
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: sparkonline.boit.us
URL: https://sparkonline.boit.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
55f61747679ff2170e7d32959a679a179e59d0d2872a17e2eabe5124c8fb4e97
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sparkonline.boit.us/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 15 Sep 2023 01:43:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
835
x-xss-protection
1; mode=block
expires
Fri, 15 Sep 2023 01:43:21 GMT
css
fonts.googleapis.com/
17 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:100,200,300,400,400i,500,600,700,800,900
Requested by
Host: sparkonline.boit.us
URL: https://sparkonline.boit.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9e8f90bf20fe73c80307924936c522e4e89140aeb02c31aa5806138135b22d3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sparkonline.boit.us/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=31536000
date
Fri, 15 Sep 2023 01:43:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 15 Sep 2023 01:43:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Sep 2023 01:43:21 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: sparkonline.boit.us
URL: https://sparkonline.boit.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sparkonline.boit.us/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 15 Sep 2023 01:43:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
625
age
9959551
cdn-cachedat
07/15/2022 17:39:48
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
f1caf59751b9699e289d2d05d059a282
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
806d2da539a45c75-MIA
cdn-requestpullsuccess
True
script.min-1683056640.js
cdn-themes.thinkific.com/358822/378836/
54 KB
15 KB
Script
General
Full URL
https://cdn-themes.thinkific.com/358822/378836/script.min-1683056640.js
Requested by
Host: sparkonline.boit.us
URL: https://sparkonline.boit.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3ce0142bdbee7804e76e22fa10c0ab1fad799953c9394585ac548198b870b49
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sparkonline.boit.us/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 15 Sep 2023 01:43:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 02 May 2023 19:44:01 GMT
server
cloudflare
x-amz-request-id
8A9YDPMSHHST09RX
etag
W/"2c8ccb094d2aa11263d466e2b23388a6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
806d2da5dfd30981-MIA
x-amz-id-2
QqnB+Msjg6oxyhv9rMx8hbcda5zcvnS8VMa4p7JeHtCjhvoxewX6hSulsGlHuxBPF0hqqnNfnts=
expires
Fri, 15 Sep 2023 05:43:21 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: sparkonline.boit.us
URL: https://sparkonline.boit.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sparkonline.boit.us/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 15 Sep 2023 00:40:55 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3746
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 15 Sep 2023 02:40:55 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/
453 KB
182 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a36746585bd5af117aff1cfeec39c2a810d6d9c601ca083d132786abf09d01b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sparkonline.boit.us/
Origin
https://sparkonline.boit.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Wed, 13 Sep 2023 22:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98624
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185696
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 18:47:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Sep 2024 22:19:37 GMT
358822%2Fcustom_site_themes%2Fid%2FHwaywrcT6Ov3YOFWJJFU_Main%20Banner%20Background%20-%20SPARK%20Online.png
import.cdn.thinkific.com/
97 KB
97 KB
Image
General
Full URL
https://import.cdn.thinkific.com/358822%2Fcustom_site_themes%2Fid%2FHwaywrcT6Ov3YOFWJJFU_Main%20Banner%20Background%20-%20SPARK%20Online.png
Requested by
Host: sparkonline.boit.us
URL: https://sparkonline.boit.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30ea4a5289a6fbd959bff39a549d73b711f285a35fd1fcb1fd7d099172a5dc29
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sparkonline.boit.us/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 15 Sep 2023 01:43:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
age
4406
x-amz-request-id
97FHF68KMR300N26
x-amz-server-side-encryption
AES256
content-length
98909
x-amz-id-2
c2+Ki3wU6IANjlb5CWHFezNoN8mDerBlMtF0tdQTH7+n4GD1Z1KpiddkA5gDmauWPRd+RIlJYjk=
last-modified
Sat, 04 Dec 2021 01:00:10 GMT
server
cloudflare
etag
"1067b16cad5e2cb95dd53fe19fce98e4"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
806d2da71e36495e-MIA
expires
Fri, 15 Sep 2023 05:43:21 GMT
1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v29/
42 KB
43 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:100,200,300,400,400i,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de87ef766937eaf5107ea3e9a2a378f39aa123abfc451de76e011f887be28b39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sparkonline.boit.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 14 Sep 2023 18:25:44 GMT
x-content-type-options
nosniff
age
26257
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43448
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:53:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Sep 2024 18:25:44 GMT
358822%2Fcustom_site_themes%2Fid%2FJQuC8WYpQBW0c7TIag4Q_Header%20Corner%20Image%20-%20SPARK%20Online%20-%20Final.png
import.cdn.thinkific.com/
36 KB
37 KB
Image
General
Full URL
https://import.cdn.thinkific.com/358822%2Fcustom_site_themes%2Fid%2FJQuC8WYpQBW0c7TIag4Q_Header%20Corner%20Image%20-%20SPARK%20Online%20-%20Final.png
Requested by
Host: sparkonline.boit.us
URL: https://sparkonline.boit.us/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66dd25629bb912dc66588c7fc4e02c671427b1903ee32a5cc11f2f4a478880dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sparkonline.boit.us/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 15 Sep 2023 01:43:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
age
4406
x-amz-request-id
97FKK630X9VX6MBZ
x-amz-server-side-encryption
AES256
content-length
37013
x-amz-id-2
CgzU/G+hy/d4duVuDtzKY4VhTRcPU82BY/dajuVWUET7U/UYoCAYBjtqmWMR+a8IhJuyH+fraWc=
last-modified
Tue, 03 Jan 2023 19:29:39 GMT
server
cloudflare
etag
"178b9c89938ecbcb156d2ced591179ed"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
806d2da71e39495e-MIA
expires
Fri, 15 Sep 2023 05:43:21 GMT
main.js
sparkonline.boit.us/cdn-cgi/challenge-platform/h/g/scripts/jsd/0cecfec7/ Frame 1D68
Redirect Chain
  • https://sparkonline.boit.us/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://sparkonline.boit.us/cdn-cgi/challenge-platform/h/g/scripts/jsd/0cecfec7/main.js
7 KB
4 KB
Script
General
Full URL
https://sparkonline.boit.us/cdn-cgi/challenge-platform/h/g/scripts/jsd/0cecfec7/main.js
Requested by
Host: sparkonline.boit.us
URL: https://sparkonline.boit.us/
Protocol
H2
Server
2606:4700:4400::ac40:9861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2def4ce41e2628fe0052dc06a1d1b23f7a046b10055b4cd4532cb866da45b23
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Fri, 15 Sep 2023 01:43:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
806d2da80fd63361-MIA

Redirect headers

date
Fri, 15 Sep 2023 01:43:21 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/0cecfec7/main.js
cache-control
max-age=300, public
cf-ray
806d2da7cf543361-MIA
806d2da32f463361
sparkonline.boit.us/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 1D68
0
256 B
XHR
General
Full URL
https://sparkonline.boit.us/cdn-cgi/challenge-platform/h/g/jsd/r/806d2da32f463361
Requested by
Host: sparkonline.boit.us
URL: https://sparkonline.boit.us/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
application/json

Response headers

date
Fri, 15 Sep 2023 01:43:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
806d2da94a273361-MIA
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| Thinkific string| thinkific_google_analytics_disabled string| tcd string| tenantGoogleAnalyticsKey undefined| tenantCD string| GoogleAnalyticsObject function| ga function| $ function| jQuery function| createOptions function| instantiateCreditCardForm function| recreateCreditCardForm object| StripeCreditCardForm object| ThinkificAnalytics object| respond object| jstz object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| FastClick object| html5 object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| recaptcha

5 Cookies

Domain/Path Name / Value
sparkonline.boit.us/ Name: visitor_id
Value: 2092119287
sparkonline.boit.us/ Name: _thinkific_session
Value: aFZ4c2k1WFQrSUNQcDdwQlAvQ1o1YzV2TXdhTGZhQlpUV29BRjBqbWo0VVVOenowSVh4clpPTWoxbDR3aGhJWGJ3Y0g4Vk9ESUppQm5aaUZSMk9Fclg0OUV1OW03VFFBa1lvSG1RUU44NXlMYkFPUFQyRWQ5amVWZUw1NVdzVGFvcG9MaDF0QW5nYzU5OTN4ZXJRR0JBPT0tLTRGT215Z1ZNYlFoQ0ZuR3R5amgwTXc9PQ%3D%3D--568a1f53c1cfcd462447a1a4ff947a77a4bf0911
.sparkonline.boit.us/ Name: __cf_bm
Value: OsyoJjaeak.uxyQpIDAzsP6b77q4kmefyxUnzNNzQZs-1694742201-0-AczuOh0oDn9zQmzDxTRvmc3TVl/DPtsAAV5Z1vPnpLRW5P3fMto3HE9HM4qdP8BMmIOn6ePmBUaIOYxLwThKqG8=
.thinkific.com/ Name: __cf_bm
Value: YNuJlSVzNSuyqWAGAhJIMB8m3ScrzWwpap3h4QlFVXQ-1694742201-0-AYjeEXVyuGK/qeAVSj/DRAFf939n6yOeDtfD3d6cjZIXEkpEOueD+3vLlQEa7kPhCQ8zOMCClHL+ZamnLpwFhgU=
.sparkonline.boit.us/ Name: cf_clearance
Value: AckofNGX8bLWALt72nEyFnDfmeyFMg5fet7HPfEIHZI-1694742201-0-1-ec0ad786.72af1eee.bb0b8866-0.2.1694742201

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.thinkific.com
cdn-themes.thinkific.com
cdn.thinkific.com
fonts.googleapis.com
fonts.gstatic.com
import.cdn.thinkific.com
maxcdn.bootstrapcdn.com
sparkonline.boit.us
www.google-analytics.com
www.google.com
www.gstatic.com
2600:9000:21dd:9800:1e:d21e:3d00:93a1
2606:4700:4400::ac40:9861
2606:4700::6812:acf
2607:f8b0:4006:816::200e
2607:f8b0:4006:81e::200a
2607:f8b0:4006:821::2003
2607:f8b0:4006:823::2004
05bc968429f41be17ac5b589da9708e4b9e7a6c9e94b3ca324d56d97b001a7e3
17e8fb7741729bb8f87ac8ff2c1fee804fdd7a4586cd72151109c1e4380a31c3
30ea4a5289a6fbd959bff39a549d73b711f285a35fd1fcb1fd7d099172a5dc29
336c270ef813f4473d1a68d8417521432a352d952fbcdd9f58c2183b3eaa9ed3
55f61747679ff2170e7d32959a679a179e59d0d2872a17e2eabe5124c8fb4e97
66dd25629bb912dc66588c7fc4e02c671427b1903ee32a5cc11f2f4a478880dc
755adf4598f2a272e3eaaab463b0ea69db68ec2373a5bdf5bac1c3b87dfce917
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c4005a10b91367120d25f61979fe4cb5236cb0fded09851553ca34d8c9e3d4f
946b94a8950f5c910c8105ff45168cea66642baa27a398b96c7b81304e2a382a
9d71f71f397da987bce397bff97f4b892d04fef24b2e307419f55b3f6859cbee
9e8f90bf20fe73c80307924936c522e4e89140aeb02c31aa5806138135b22d3b
a36746585bd5af117aff1cfeec39c2a810d6d9c601ca083d132786abf09d01b1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de87ef766937eaf5107ea3e9a2a378f39aa123abfc451de76e011f887be28b39
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ce0142bdbee7804e76e22fa10c0ab1fad799953c9394585ac548198b870b49
f2def4ce41e2628fe0052dc06a1d1b23f7a046b10055b4cd4532cb866da45b23
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d