admin.df.eu Open in urlscan Pro
192.124.249.168 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://raniel.de/
Effective URL:
https://admin.df.eu/kunde/index.php?into=appsuite
Submission: On June 11 via manual (June 11th 2024, 8:23:11 pm UTC) from US — Scanned from US

Summary HTTP 10 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 2 domains to perform 10 HTTP transactions. The main IP is 192.124.249.168, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is admin.df.eu.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on March 6th 2024. Valid for: a year.

This is the only time admin.df.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a00:1158:0:1... 2a00:1158:0:100::14	34011 (GD-EMEA-D...) (GD-EMEA-DC-CGN1)
1 1	134.119.228.27 134.119.228.27	34011 (GD-EMEA-D...) (GD-EMEA-DC-CGN1)
1	192.124.249.168 192.124.249.168	30148 (SUCURI-SEC) (SUCURI-SEC)
4	192.124.249.103 192.124.249.103	30148 (SUCURI-SEC) (SUCURI-SEC)
3	192.124.249.119 192.124.249.119	30148 (SUCURI-SEC) (SUCURI-SEC)
2	2a02:fe80:101... 2a02:fe80:1010::3:7	30148 (SUCURI-SEC) (SUCURI-SEC)
10	5

1 2a00:1158:0:100::14 (Strasbourg, France) 1 redirects

ASN34011 (GD-EMEA-DC-CGN1, DE)

raniel.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.119.228.27 (Cologne, Germany) 1 redirects

ASN34011 (GD-EMEA-DC-CGN1, DE)

webmail.df.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.124.249.168 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10168.sucuri.net

admin.df.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.124.249.103 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10103.sucuri.net

css-admin.df.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.124.249.119 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10119.sucuri.net

js-admin.df.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fe80:1010::3:7 (United States)

ASN30148 (SUCURI-SEC, US)

www.df.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	df.eu 1 redirects webmail.df.eu admin.df.eu css-admin.df.eu js-admin.df.eu www.df.eu	748 KB
1	raniel.de 1 redirects raniel.de	205 B
10	2

	Domain	Requested by
4	css-admin.df.eu	admin.df.eu css-admin.df.eu
3	js-admin.df.eu	admin.df.eu
2	www.df.eu
1	admin.df.eu
1	webmail.df.eu	1 redirects
1	raniel.de	1 redirects
10	6

This site contains links to these domains. Also see Links.

Domain
www.df.eu
status.df.eu
sso.df.eu
sso.secureserver.net
login.microsoftonline.com

Subject Issuer	Validity	Valid
admin.df.eu Starfield Secure Certificate Authority - G2	`2024-03-06` - `2025-03-06`	a year	crt.sh
*.df.eu Go Daddy Secure Certificate Authority - G2	`2024-01-02` - `2025-02-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://admin.df.eu/kunde/index.php?into=appsuite
Frame ID: D94A0EFF8C878B91986FD68CFE52C50C
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login Webmail | DomainFactory

Page URL History Show full URLs

http://raniel.de/ HTTP 307
https://raniel.de/ HTTP 307
http://raniel.de/ HTTP 302
https://webmail.df.eu/horde/login.php HTTP 301
https://admin.df.eu/kunde/index.php?into=appsuite Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

6
Subdomains

5
IPs

3
Countries

747 kB
Transfer

810 kB
Size

2
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.df.eu/
Title: DomainFactory

Search URL Search Domain Scan URL

URL: https://www.df.eu/support/formulare/
Title: Formulare

Search URL Search Domain Scan URL

URL: https://www.df.eu/support/df-faq/
Title: FAQ

Search URL Search Domain Scan URL

URL: http://status.df.eu/
Title: Statusmeldungen

Search URL Search Domain Scan URL

URL: https://sso.df.eu/?app=cp&path=%2Fkunde%2Findex.php%3Finto%3Dappsuite&realm=idp
Title: Kundenmenü

Search URL Search Domain Scan URL

URL: https://sso.df.eu/?app=jb&realm=idp
Title: JiffyBox

Search URL Search Domain Scan URL

URL: https://sso.df.eu/?app=cp&path=%2Fpublic%2Findex.php%3Fmodule%3Dwsb&realm=idp
Title: Homepage-Baukasten

Search URL Search Domain Scan URL

URL: https://sso.secureserver.net/login?pl_id=525845&app=ox&realm=pass
Title: MyMailStarter, Individual & Team

Search URL Search Domain Scan URL

URL: https://login.microsoftonline.com/?mkt=de-DE
Title: Microsoft 365

Search URL Search Domain Scan URL

URL: https://www.df.eu/de/impressum/
Title: Impressum

Search URL Search Domain Scan URL

URL: https://www.df.eu/de/datenschutz/
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://www.df.eu/de/agb/
Title: AGB

Search URL Search Domain Scan URL

URL: https://www.df.eu/de/widerrufsrecht/
Title: Widerrufsrecht

Search URL Search Domain Scan URL

URL: https://www.df.eu/de/support/kontakt
Title: Kontakt

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://raniel.de/ HTTP 307
https://raniel.de/ HTTP 307
http://raniel.de/ HTTP 302
https://webmail.df.eu/horde/login.php HTTP 301
https://admin.df.eu/kunde/index.php?into=appsuite Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.php Show response
admin.df.eu/kunde/
Redirect Chain

http://raniel.de/
https://raniel.de/
http://raniel.de/
https://webmail.df.eu/horde/login.php
https://admin.df.eu/kunde/index.php?into=appsuite

65 KB
32 KB

667ms
533ms

Document
text/html

192.124.249.168
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://admin.df.eu/kunde/index.php?into=appsuite

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.168 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10168.sucuri.net

Software

nginx /

Resource Hash

83cb298b13095202a32b6ef987a347ed604015ad731db4fbcf5288c6e5a96aa1

Security Headers

Name	Value
Content-Security-Policy	default-src https:; img-src https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; font-src data: https:; frame-ancestors 'self'; connect-src https: wss://.liveperson.net; default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' .dftest.eu .df.eu; connect-src 'self' https: wss://.liveperson.net https://*.lpsnmedia.net;
Strict-Transport-Security	max-age=3153600; includeSubDomains; preload; max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, must-revalidate
content-encoding: gzip
content-length: 31738
content-security-policy: default-src https:; img-src https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; font-src data: https:; frame-ancestors 'self'; connect-src https: wss://*.liveperson.net; default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu; connect-src 'self' https: wss://*.liveperson.net https://*.lpsnmedia.net;
content-type: text/html; charset=UTF-8
date: Tue, 11 Jun 2024 20:23:06 GMT
etag: "df-d417937e1c115e55bd66ea34065e4211"
referrer-policy: strict-origin-when-cross-origin no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=3153600; includeSubDomains; preload; max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-sucuri-cache: MISS
x-sucuri-id: 14018
x-ua-compatible: IE=Edge,chrome=IE8
x-xss-protection: 1; mode=block 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 257
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 11 Jun 2024 20:23:05 GMT
Keep-Alive: timeout=5, max=100
Location: https://admin.df.eu/kunde/index.php?into=appsuite
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 df_lib-min.css
css-admin.df.eu/TS1716903431/ 247 KB
248 KB 155ms
27ms Stylesheet
text/css 192.124.249.103
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://css-admin.df.eu/TS1716903431/df_lib-min.css

Requested by

Host: admin.df.eu
URL: https://admin.df.eu/kunde/index.php?into=appsuite

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.103 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10103.sucuri.net

Software

nginx /

Resource Hash

fc7cfe36707fee86251f986258c9feeaa6d67e5629c23e9ef721820d452faaed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' .dftest.eu .df.eu; connect-src 'self' https: wss://.liveperson.net https://.lpsnmedia.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin.df.eu/kunde/index.php?into=appsuite
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 20:23:06 GMT
content-security-policy: upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu; connect-src 'self' https: wss://*.liveperson.net https://*.lpsnmedia.net;
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 252512
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 28 May 2024 13:37:12 GMT
server: nginx
etag: "6655de08-3da60"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 startauftrag-min.css
css-admin.df.eu/TS1716903426/ 0
1 KB 154ms
55ms Other
text/css 192.124.249.103
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://css-admin.df.eu/TS1716903426/startauftrag-min.css

Requested by

Host: admin.df.eu
URL: https://admin.df.eu/kunde/index.php?into=appsuite

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.103 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10103.sucuri.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' .dftest.eu .df.eu; connect-src 'self' https: wss://.liveperson.net https://.lpsnmedia.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin.df.eu/kunde/index.php?into=appsuite
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 20:23:06 GMT
content-security-policy: upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu; connect-src 'self' https: wss://*.liveperson.net https://*.lpsnmedia.net;
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 547
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 28 May 2024 13:37:06 GMT
server: nginx
etag: "6655de02-223"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-min.js Show response
js-admin.df.eu/TS1716903432/ 87 KB
88 KB 205ms
27ms Script
application/javascript 192.124.249.119
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://js-admin.df.eu/TS1716903432/jquery-min.js

Requested by

Host: admin.df.eu
URL: https://admin.df.eu/kunde/index.php?into=appsuite

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10119.sucuri.net

Software

nginx /

Resource Hash

9d6c4895577370bff558f15f06e68bc0fb9cd83a6e16751c96e2068767a719f2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' .dftest.eu .df.eu; connect-src 'self' https: wss://.liveperson.net https://.lpsnmedia.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin.df.eu/kunde/index.php?into=appsuite
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 20:23:06 GMT
content-security-policy: upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu; connect-src 'self' https: wss://*.liveperson.net https://*.lpsnmedia.net;
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 88888
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 28 May 2024 13:37:14 GMT
server: nginx
etag: "6655de0a-15b38"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 14019
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 df_lib-min.js Show response
js-admin.df.eu/TS1716903440/ 316 KB
317 KB 219ms
42ms Script
application/javascript 192.124.249.119
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://js-admin.df.eu/TS1716903440/df_lib-min.js

Requested by

Host: admin.df.eu
URL: https://admin.df.eu/kunde/index.php?into=appsuite

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10119.sucuri.net

Software

nginx /

Resource Hash

3ad928d1725c76328dbcd50993fef6ac612759db28764a1db381685488dfacf2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' .dftest.eu .df.eu; connect-src 'self' https: wss://.liveperson.net https://.lpsnmedia.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin.df.eu/kunde/index.php?into=appsuite
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 20:23:06 GMT
content-security-policy: upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu; connect-src 'self' https: wss://*.liveperson.net https://*.lpsnmedia.net;
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 323845
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 28 May 2024 13:37:23 GMT
server: nginx
etag: "6655de13-4f105"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 14019
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 modernizr-min.js Show response
js-admin.df.eu/TS1716903424/ 12 KB
12 KB 219ms
42ms Script
application/javascript 192.124.249.119
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://js-admin.df.eu/TS1716903424/modernizr-min.js

Requested by

Host: admin.df.eu
URL: https://admin.df.eu/kunde/index.php?into=appsuite

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10119.sucuri.net

Software

nginx /

Resource Hash

75f06875766baee228cd102085e56fecd3cc5f8dfb5f7ce94591b71d34a5a306

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' .dftest.eu .df.eu; connect-src 'self' https: wss://.liveperson.net https://.lpsnmedia.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin.df.eu/kunde/index.php?into=appsuite
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 20:23:06 GMT
content-security-policy: upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu; connect-src 'self' https: wss://*.liveperson.net https://*.lpsnmedia.net;
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 11778
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 28 May 2024 13:37:05 GMT
server: nginx
etag: "6655de01-2e02"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 14019
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 moretype-depotnew-regular-webfont.woff2
css-admin.df.eu/TS1627893776/fonts/ 23 KB
23 KB 47ms
14ms Font
application/octet-stream 192.124.249.103
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://css-admin.df.eu/TS1627893776/fonts/moretype-depotnew-regular-webfont.woff2

Requested by

Host: css-admin.df.eu
URL: https://css-admin.df.eu/TS1716903431/df_lib-min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.103 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10103.sucuri.net

Software

nginx /

Resource Hash

2fec5846899c2ecae024edff278997258db18bc7be5bdbe4fba7802747eebe3d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' .dftest.eu .df.eu; connect-src 'self' https: wss://.liveperson.net https://.lpsnmedia.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://css-admin.df.eu/TS1716903431/df_lib-min.css
Origin: https://admin.df.eu
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 20:23:07 GMT
content-security-policy: upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu; connect-src 'self' https: wss://*.liveperson.net https://*.lpsnmedia.net;
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 23276
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 02 Aug 2021 08:42:56 GMT
server: nginx
etag: "6107b010-5aec"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10c5cd11e9faa3d4e14064232bf481656c143079d101bae3b5b9e15fe17d8ac0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 783 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa5faf0b361afb3cb04c3316abd3e31a4151fc52061212cd4c24fa27c9f90181

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 729 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 877442680bd2605675c58429c14f185c5530b551cf94278b991d4ba0271e5f9d

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 318 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e30bf7630d4ff3c40515a06ad60bfefe2cf8c01f3ca5729c2065c65c9caaa20

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 541369e31df0d61e2e92e633c6d79c745723107e940bb65ca5113978e5eaa52a

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 474 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6caaf54481ecf7b0ce2a977d3eb77ccea9b263a51bc4712c53b0b32c6c3e768d

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58f8188485e8fe474e35d2adb7832b1af5aaeeda0ab7c34a5c6bf86df28a1cbb

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 777 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8934a0e2777001282adf00f9c98861ef063a360cafce4ddbb250e39a85a1b186

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 29 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5ab984fa5f286a9b25bccb92c625b7f584e629c759ae75fa858f19718619493

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 moretype-depotnew-bold-webfont.woff2
css-admin.df.eu/TS1627893776/fonts/ 22 KB
23 KB 33ms
28ms Font
application/octet-stream 192.124.249.103
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://css-admin.df.eu/TS1627893776/fonts/moretype-depotnew-bold-webfont.woff2

Requested by

Host: css-admin.df.eu
URL: https://css-admin.df.eu/TS1716903431/df_lib-min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.103 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10103.sucuri.net

Software

nginx /

Resource Hash

ab2ad661175162768072fba12164d76fdb19932dc29ecc17e1d2360bdc2c7c48

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' .dftest.eu .df.eu; connect-src 'self' https: wss://.liveperson.net https://.lpsnmedia.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://css-admin.df.eu/TS1716903431/df_lib-min.css
Origin: https://admin.df.eu
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 20:23:07 GMT
content-security-policy: upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu; connect-src 'self' https: wss://*.liveperson.net https://*.lpsnmedia.net;
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-sucuri-cache: HIT
content-length: 22640
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 02 Aug 2021 08:42:56 GMT
server: nginx
etag: "6107b010-5870"
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
x-sucuri-id: 14003
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 favicon.ico
www.df.eu/ 181 B
4 KB 209ms
28ms Other
image/x-icon 2a02:fe80:1010::3:7
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.df.eu/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::3:7 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

d9c7655297860a8cdb695ac0aa256f7a2fe3d222a7338921018046b306210e66

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.tellja.eu https://siteintercept.qualtrics.com https://.clarity.ms https://bat.bing.com https://admin.df.eu/ https://analytics.aklamio.com https://.ampproject.org https://.lpsnmedia.net https://.tealiumiq.com https://.google.com https://.google.de https://.doubleclick.net https://.optimizely.com https://www.google-analytics.com https://.facebook.com; connect-src 'self' https://www.sjwoe.com https://www.emjcd.com https://.analytics.google.com wss://lo.msg.liveperson.net/ https://.googlesyndication.com https://www.google-analytics.com https://.tellja.eu https://.bing.com https://.doubleclick.net https://.metrics.convertexperiments.com https://.convertexperiments.com https://.optimizetoolkit.com; style-src 'self' 'unsafe-inline' https://github.githubassets.com https://fonts.googleapis.com https://.amazonaws.com https://.convertexperiments.com https://.metrics.convertexperiments.com https://.optimizetoolkit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://pix.hyj.mobi https://d.hyj.mobi https://.tellja.eu https://.googletagmanager.com https://.amazonaws.com https://.convertexperiments.com https://.metrics.convertexperiments.com https://.optimizetoolkit.com https://.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://gist.github.com https://my.tealiumiq.com http://tags.tiqcdn.com https://.clarity.ms https://.omnitagjs.com https://.adnxs.com https://.aklamio.com https://.doubleclick.net https://java.com https://tags.tiqcdn.com https://.cloudstorage.secureserver.net https://static-artifact.heg-cp.com https://cdn.polyfill.io https://www.google.com https://www.gstatic.com https://.optimizely.com https://www.googleadservices.com https://bat.bing.com https://www.dwin1.com https://connect.facebook.net https://www.google-analytics.com ajax.googleapis.com https://.twitter.com https://static.ads-twitter.com https://.ampproject.org https://.wsimg.com https://.liveperson.net https://.lpsnmedia.net; font-src 'self' https://fonts.gstatic.com https://optimizely.github.io; object-src 'self'; img-src 'self' 'unsafe-inline' https://sync.1rx.io https://simage2.pubmatic.com https://e1.emxdgt.com https://s.ad.smaato.net https://rtb-csync.smartadserver.com https://sync.targeting.unrulymedia.com https://ups.analytics.yahoo.com https://csync.loopme.me https://ad.yieldlab.net https://pixel.rubiconproject.com https://ad.360yield.com https://ih.adscale.de https://.openx.net https://.connectad.io https://inv-nets.admixer.net https://usync.vrtcal.com https://.pubmine.com https://cm.adform.net https://.bidswitch.net https://.casalemedia.com https://.tellja.eu https://.tellja.de https://.tellja.eu https://my.tealiumiq.com https://collect.tealiumiq.com https://.convertexperiments.com https://.metrics.convertexperiments.com https://.optimizetoolkit.com https://siteintercept.qualtrics.com https://.google.co.uk https://analytics.twitter.com https://paintbrush.heg-cp.com https://.clarity.ms https://.bing.com https://irp.cdn-website.com https://.atdmt.com https://.zemanta.com https://.trustpilot.com https://.aklamio.com https://img1.wsimg.com https://.lpsnmedia.net https://java.com https://www.df.eu/ data: https://i.ytimg.com https://.g.doubleclick.net https://bat.bing.com https://www.google-analytics.com https://www.facebook.com https://www.google.com https://www.google.de https://t.co https://.multiscreensite.com; frame-src 'self' mailto: https://.liveperson.net/ https://.tellja.eu https://.df.eu https://.dftest.eu https://.qualtrics.com/ https://.doubleclick.net https://www.youtube-nocookie.com https://.aklamio.com https://lo.tokenizer.liveperson.net https://pixel.bsmartdata.com https://www.google.com https://.optimizely.com https://.convertexperiments.com https://.metrics.convertexperiments.com https://.optimizetoolkit.com https://.facebook.com https://.facebook.net www.youtube.com .vimeo.com .vimeocdn.com https://.fls.doubleclick.net https://*.lpsnmedia.net https://server.lon.liveperson.net/;
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin.df.eu/kunde/index.php?into=appsuite
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 20:23:07 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://*.tellja.eu https://siteintercept.qualtrics.com https://*.clarity.ms https://bat.bing.com https://admin.df.eu/ https://analytics.aklamio.com https://*.ampproject.org https://*.lpsnmedia.net https://*.tealiumiq.com https://*.google.com https://*.google.de https://*.doubleclick.net https://*.optimizely.com https://www.google-analytics.com https://*.facebook.com; connect-src 'self' https://www.sjwoe.com https://www.emjcd.com https://*.analytics.google.com wss://lo.msg.liveperson.net/ https://*.googlesyndication.com https://www.google-analytics.com https://*.tellja.eu https://*.bing.com https://*.doubleclick.net https://*.metrics.convertexperiments.com https://*.convertexperiments.com https://*.optimizetoolkit.com; style-src 'self' 'unsafe-inline' https://github.githubassets.com https://fonts.googleapis.com https://*.amazonaws.com https://*.convertexperiments.com https://*.metrics.convertexperiments.com https://*.optimizetoolkit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://pix.hyj.mobi https://d.hyj.mobi https://*.tellja.eu https://*.googletagmanager.com https://*.amazonaws.com https://*.convertexperiments.com https://*.metrics.convertexperiments.com https://*.optimizetoolkit.com https://*.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://gist.github.com https://my.tealiumiq.com http://tags.tiqcdn.com https://*.clarity.ms https://*.omnitagjs.com https://*.adnxs.com https://*.aklamio.com https://*.doubleclick.net https://java.com https://tags.tiqcdn.com https://*.cloudstorage.secureserver.net https://static-artifact.heg-cp.com https://cdn.polyfill.io https://www.google.com https://www.gstatic.com https://*.optimizely.com https://www.googleadservices.com https://bat.bing.com https://www.dwin1.com https://connect.facebook.net https://www.google-analytics.com ajax.googleapis.com https://*.twitter.com https://static.ads-twitter.com https://*.ampproject.org https://*.wsimg.com https://*.liveperson.net https://*.lpsnmedia.net; font-src 'self' https://fonts.gstatic.com https://optimizely.github.io; object-src 'self'; img-src 'self' 'unsafe-inline' https://sync.1rx.io https://simage2.pubmatic.com https://e1.emxdgt.com https://s.ad.smaato.net https://rtb-csync.smartadserver.com https://sync.targeting.unrulymedia.com https://ups.analytics.yahoo.com https://csync.loopme.me https://ad.yieldlab.net https://pixel.rubiconproject.com https://ad.360yield.com https://ih.adscale.de https://*.openx.net https://*.connectad.io https://inv-nets.admixer.net https://usync.vrtcal.com https://*.pubmine.com https://cm.adform.net https://*.bidswitch.net https://*.casalemedia.com https://*.tellja.eu https://*.tellja.de https://*.tellja.eu https://my.tealiumiq.com https://collect.tealiumiq.com https://*.convertexperiments.com https://*.metrics.convertexperiments.com https://*.optimizetoolkit.com https://siteintercept.qualtrics.com https://*.google.co.uk https://analytics.twitter.com https://paintbrush.heg-cp.com https://*.clarity.ms https://*.bing.com https://irp.cdn-website.com https://*.atdmt.com https://*.zemanta.com https://*.trustpilot.com https://*.aklamio.com https://img1.wsimg.com https://*.lpsnmedia.net https://java.com https://www.df.eu/ data: https://i.ytimg.com https://*.g.doubleclick.net https://bat.bing.com https://www.google-analytics.com https://www.facebook.com https://www.google.com https://www.google.de https://t.co https://*.multiscreensite.com; frame-src 'self' mailto: https://*.liveperson.net/ https://*.tellja.eu https://*.df.eu https://*.dftest.eu https://*.qualtrics.com/ https://*.doubleclick.net https://www.youtube-nocookie.com https://*.aklamio.com https://lo.tokenizer.liveperson.net https://pixel.bsmartdata.com https://www.google.com https://*.optimizely.com https://*.convertexperiments.com https://*.metrics.convertexperiments.com https://*.optimizetoolkit.com https://*.facebook.com https://*.facebook.net www.youtube.com *.vimeo.com *.vimeocdn.com https://*.fls.doubleclick.net https://*.lpsnmedia.net https://server.lon.liveperson.net/;
x-sucuri-cache: HIT
content-length: 181
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 22 Jun 2022 10:36:29 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/x-icon
access-control-allow-origin: *
cache-control: max-age=315360000
feature-policy: geolocation 'self'; midi 'self'; payment 'self'; camera 'self'; usb 'self'; fullscreen 'self'; magnetometer 'self'; picture-in-picture *; accelerometer 'self'; encrypted-media 'self'; autoplay 'self'; gyroscope 'self'; sync-xhr 'self'; microphone 'self'
x-sucuri-id: 20003
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 favicon.ico
www.df.eu/ 181 B
0 0ms
0ms Other
image/x-icon 2a02:fe80:1010::3:7
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.df.eu/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:fe80:1010::3:7 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

Software

nginx /

Resource Hash

d9c7655297860a8cdb695ac0aa256f7a2fe3d222a7338921018046b306210e66

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.tellja.eu https://siteintercept.qualtrics.com https://.clarity.ms https://bat.bing.com https://admin.df.eu/ https://analytics.aklamio.com https://.ampproject.org https://.lpsnmedia.net https://.tealiumiq.com https://.google.com https://.google.de https://.doubleclick.net https://.optimizely.com https://www.google-analytics.com https://.facebook.com; connect-src 'self' https://www.sjwoe.com https://www.emjcd.com https://.analytics.google.com wss://lo.msg.liveperson.net/ https://.googlesyndication.com https://www.google-analytics.com https://.tellja.eu https://.bing.com https://.doubleclick.net https://.metrics.convertexperiments.com https://.convertexperiments.com https://.optimizetoolkit.com; style-src 'self' 'unsafe-inline' https://github.githubassets.com https://fonts.googleapis.com https://.amazonaws.com https://.convertexperiments.com https://.metrics.convertexperiments.com https://.optimizetoolkit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://pix.hyj.mobi https://d.hyj.mobi https://.tellja.eu https://.googletagmanager.com https://.amazonaws.com https://.convertexperiments.com https://.metrics.convertexperiments.com https://.optimizetoolkit.com https://.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://gist.github.com https://my.tealiumiq.com http://tags.tiqcdn.com https://.clarity.ms https://.omnitagjs.com https://.adnxs.com https://.aklamio.com https://.doubleclick.net https://java.com https://tags.tiqcdn.com https://.cloudstorage.secureserver.net https://static-artifact.heg-cp.com https://cdn.polyfill.io https://www.google.com https://www.gstatic.com https://.optimizely.com https://www.googleadservices.com https://bat.bing.com https://www.dwin1.com https://connect.facebook.net https://www.google-analytics.com ajax.googleapis.com https://.twitter.com https://static.ads-twitter.com https://.ampproject.org https://.wsimg.com https://.liveperson.net https://.lpsnmedia.net; font-src 'self' https://fonts.gstatic.com https://optimizely.github.io; object-src 'self'; img-src 'self' 'unsafe-inline' https://sync.1rx.io https://simage2.pubmatic.com https://e1.emxdgt.com https://s.ad.smaato.net https://rtb-csync.smartadserver.com https://sync.targeting.unrulymedia.com https://ups.analytics.yahoo.com https://csync.loopme.me https://ad.yieldlab.net https://pixel.rubiconproject.com https://ad.360yield.com https://ih.adscale.de https://.openx.net https://.connectad.io https://inv-nets.admixer.net https://usync.vrtcal.com https://.pubmine.com https://cm.adform.net https://.bidswitch.net https://.casalemedia.com https://.tellja.eu https://.tellja.de https://.tellja.eu https://my.tealiumiq.com https://collect.tealiumiq.com https://.convertexperiments.com https://.metrics.convertexperiments.com https://.optimizetoolkit.com https://siteintercept.qualtrics.com https://.google.co.uk https://analytics.twitter.com https://paintbrush.heg-cp.com https://.clarity.ms https://.bing.com https://irp.cdn-website.com https://.atdmt.com https://.zemanta.com https://.trustpilot.com https://.aklamio.com https://img1.wsimg.com https://.lpsnmedia.net https://java.com https://www.df.eu/ data: https://i.ytimg.com https://.g.doubleclick.net https://bat.bing.com https://www.google-analytics.com https://www.facebook.com https://www.google.com https://www.google.de https://t.co https://.multiscreensite.com; frame-src 'self' mailto: https://.liveperson.net/ https://.tellja.eu https://.df.eu https://.dftest.eu https://.qualtrics.com/ https://.doubleclick.net https://www.youtube-nocookie.com https://.aklamio.com https://lo.tokenizer.liveperson.net https://pixel.bsmartdata.com https://www.google.com https://.optimizely.com https://.convertexperiments.com https://.metrics.convertexperiments.com https://.optimizetoolkit.com https://.facebook.com https://.facebook.net www.youtube.com .vimeo.com .vimeocdn.com https://.fls.doubleclick.net https://*.lpsnmedia.net https://server.lon.liveperson.net/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin.df.eu/kunde/index.php?into=appsuite
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 20:23:07 GMT
content-security-policy: default-src 'self' https://*.tellja.eu https://siteintercept.qualtrics.com https://*.clarity.ms https://bat.bing.com https://admin.df.eu/ https://analytics.aklamio.com https://*.ampproject.org https://*.lpsnmedia.net https://*.tealiumiq.com https://*.google.com https://*.google.de https://*.doubleclick.net https://*.optimizely.com https://www.google-analytics.com https://*.facebook.com; connect-src 'self' https://www.sjwoe.com https://www.emjcd.com https://*.analytics.google.com wss://lo.msg.liveperson.net/ https://*.googlesyndication.com https://www.google-analytics.com https://*.tellja.eu https://*.bing.com https://*.doubleclick.net https://*.metrics.convertexperiments.com https://*.convertexperiments.com https://*.optimizetoolkit.com; style-src 'self' 'unsafe-inline' https://github.githubassets.com https://fonts.googleapis.com https://*.amazonaws.com https://*.convertexperiments.com https://*.metrics.convertexperiments.com https://*.optimizetoolkit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://pix.hyj.mobi https://d.hyj.mobi https://*.tellja.eu https://*.googletagmanager.com https://*.amazonaws.com https://*.convertexperiments.com https://*.metrics.convertexperiments.com https://*.optimizetoolkit.com https://*.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://gist.github.com https://my.tealiumiq.com http://tags.tiqcdn.com https://*.clarity.ms https://*.omnitagjs.com https://*.adnxs.com https://*.aklamio.com https://*.doubleclick.net https://java.com https://tags.tiqcdn.com https://*.cloudstorage.secureserver.net https://static-artifact.heg-cp.com https://cdn.polyfill.io https://www.google.com https://www.gstatic.com https://*.optimizely.com https://www.googleadservices.com https://bat.bing.com https://www.dwin1.com https://connect.facebook.net https://www.google-analytics.com ajax.googleapis.com https://*.twitter.com https://static.ads-twitter.com https://*.ampproject.org https://*.wsimg.com https://*.liveperson.net https://*.lpsnmedia.net; font-src 'self' https://fonts.gstatic.com https://optimizely.github.io; object-src 'self'; img-src 'self' 'unsafe-inline' https://sync.1rx.io https://simage2.pubmatic.com https://e1.emxdgt.com https://s.ad.smaato.net https://rtb-csync.smartadserver.com https://sync.targeting.unrulymedia.com https://ups.analytics.yahoo.com https://csync.loopme.me https://ad.yieldlab.net https://pixel.rubiconproject.com https://ad.360yield.com https://ih.adscale.de https://*.openx.net https://*.connectad.io https://inv-nets.admixer.net https://usync.vrtcal.com https://*.pubmine.com https://cm.adform.net https://*.bidswitch.net https://*.casalemedia.com https://*.tellja.eu https://*.tellja.de https://*.tellja.eu https://my.tealiumiq.com https://collect.tealiumiq.com https://*.convertexperiments.com https://*.metrics.convertexperiments.com https://*.optimizetoolkit.com https://siteintercept.qualtrics.com https://*.google.co.uk https://analytics.twitter.com https://paintbrush.heg-cp.com https://*.clarity.ms https://*.bing.com https://irp.cdn-website.com https://*.atdmt.com https://*.zemanta.com https://*.trustpilot.com https://*.aklamio.com https://img1.wsimg.com https://*.lpsnmedia.net https://java.com https://www.df.eu/ data: https://i.ytimg.com https://*.g.doubleclick.net https://bat.bing.com https://www.google-analytics.com https://www.facebook.com https://www.google.com https://www.google.de https://t.co https://*.multiscreensite.com; frame-src 'self' mailto: https://*.liveperson.net/ https://*.tellja.eu https://*.df.eu https://*.dftest.eu https://*.qualtrics.com/ https://*.doubleclick.net https://www.youtube-nocookie.com https://*.aklamio.com https://lo.tokenizer.liveperson.net https://pixel.bsmartdata.com https://www.google.com https://*.optimizely.com https://*.convertexperiments.com https://*.metrics.convertexperiments.com https://*.optimizetoolkit.com https://*.facebook.com https://*.facebook.net www.youtube.com *.vimeo.com *.vimeocdn.com https://*.fls.doubleclick.net https://*.lpsnmedia.net https://server.lon.liveperson.net/;
x-content-type-options: nosniff
x-sucuri-cache: HIT
content-length: 181
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 22 Jun 2022 10:36:29 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/x-icon
access-control-allow-origin: *
cache-control: max-age=315360000
feature-policy: geolocation 'self'; midi 'self'; payment 'self'; camera 'self'; usb 'self'; fullscreen 'self'; magnetometer 'self'; picture-in-picture *; accelerometer 'self'; encrypted-media 'self'; autoplay 'self'; gyroscope 'self'; sync-xhr 'self'; microphone 'self'
x-sucuri-id: 20003
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			admin.df.eu/	1969-12-31 23:59:59	Name: APP_LOCALE Value: de
			admin.df.eu/	1970-01-20 21:15:37	Name: sHtmlClass Value: js%20theme-df%20page-login%20fixedsticky-withoutfixedfixed%20history%20localstorage%20sessionstorage%20hashchange%20details%20domready%20scrollbarwidth_1%20multiupload%20csscalc%20cookies%20js%20iframe

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://admin.df.eu/kunde/index.php?into=appsuite Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://admin.df.eu/kunde/index.php?into=appsuite Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://admin.df.eu/kunde/index.php?into=appsuite Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https:; img-src https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; font-src data: https:; frame-ancestors 'self'; connect-src https: wss://.liveperson.net; default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' .dftest.eu .df.eu; connect-src 'self' https: wss://.liveperson.net https://*.lpsnmedia.net;
Strict-Transport-Security	max-age=3153600; includeSubDomains; preload; max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.df.eu
css-admin.df.eu
js-admin.df.eu
raniel.de
webmail.df.eu
www.df.eu
134.119.228.27
192.124.249.103
192.124.249.119
192.124.249.168
2a00:1158:0:100::14
2a02:fe80:1010::3:7
10c5cd11e9faa3d4e14064232bf481656c143079d101bae3b5b9e15fe17d8ac0
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e30bf7630d4ff3c40515a06ad60bfefe2cf8c01f3ca5729c2065c65c9caaa20
2fec5846899c2ecae024edff278997258db18bc7be5bdbe4fba7802747eebe3d
3ad928d1725c76328dbcd50993fef6ac612759db28764a1db381685488dfacf2
541369e31df0d61e2e92e633c6d79c745723107e940bb65ca5113978e5eaa52a
58f8188485e8fe474e35d2adb7832b1af5aaeeda0ab7c34a5c6bf86df28a1cbb
6caaf54481ecf7b0ce2a977d3eb77ccea9b263a51bc4712c53b0b32c6c3e768d
75f06875766baee228cd102085e56fecd3cc5f8dfb5f7ce94591b71d34a5a306
83cb298b13095202a32b6ef987a347ed604015ad731db4fbcf5288c6e5a96aa1
877442680bd2605675c58429c14f185c5530b551cf94278b991d4ba0271e5f9d
8934a0e2777001282adf00f9c98861ef063a360cafce4ddbb250e39a85a1b186
9d6c4895577370bff558f15f06e68bc0fb9cd83a6e16751c96e2068767a719f2
ab2ad661175162768072fba12164d76fdb19932dc29ecc17e1d2360bdc2c7c48
b5ab984fa5f286a9b25bccb92c625b7f584e629c759ae75fa858f19718619493
d9c7655297860a8cdb695ac0aa256f7a2fe3d222a7338921018046b306210e66
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa5faf0b361afb3cb04c3316abd3e31a4151fc52061212cd4c24fa27c9f90181
fc7cfe36707fee86251f986258c9feeaa6d67e5629c23e9ef721820d452faaed

admin.df.eu Open in urlscan Pro 192.124.249.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

33 %IPv6

2 Domains

6 Subdomains

5 IPs

3 Countries

747 kBTransfer

810 kBSize

2 Cookies

14 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

2 Cookies

3 Console Messages

Security Headers

Indicators

admin.df.eu Open in urlscan Pro
192.124.249.168 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

6
Subdomains

5
IPs

3
Countries

747 kB
Transfer

810 kB
Size

2
Cookies

10 HTTP transactions
10 data transactions