admin.df.eu Open in urlscan Pro
192.124.249.168  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.php5 Show response admin.df.eu/public/	10 KB 4 KB	349ms 175ms	Document text/html	192.124.249.168 SUCURI-SEC
General Check archive.org Show headers Download Go to Full URL https://admin.df.eu/public/index.php5?module=chmail Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.124.249.168 Menifee, United States, ASN30148 (SUCURI-SEC, US), Reverse DNS cloudproxy10168.sucuri.net Software nginx / Resource Hash f2864d7b0aa7391397a31847c6420c6befab7fe64b4e4e823d493ca31e575297 Security Headers Name Value Content-Security-Policy default-src https:; img-src https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; font-src data: https:; Strict-Transport-Security max-age=3153600; includeSubDomains; preload; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :method GET :authority admin.df.eu :scheme https :path /public/index.php5?module=chmail pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers server nginx date Fri, 26 Feb 2021 07:25:26 GMT content-type text/html; charset=utf-8 content-length 3423 x-sucuri-id 19018 set-cookie APP_LOCALE=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ APP_LOCALE=en; path=/ x-ua-compatible IE=Edge,chrome=IE8 content-security-policy default-src https:; img-src https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; font-src data: https:; strict-transport-security max-age=3153600; includeSubDomains; preload; x-frame-options SAMEORIGIN x-xss-protection 1; mode=block x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin cache-control max-age=0, must-revalidate etag "df-af003743226f59e44fbabe8df2a7e1f6" content-encoding gzip vary Accept-Encoding x-cache MISS from admin.df.eu x-sucuri-cache MISS
GET H/1.1	200 OK	df_lib-min.css css-admin.df.eu/TS1612276900/	242 KB 83 KB	183ms 64ms	Stylesheet text/css	80.67.16.35 GD-EMEA-DC-CGN1
General Check archive.org Show headers Download Go to Full URL https://css-admin.df.eu/TS1612276900/df_lib-min.css Requested by Host: admin.df.eu URL: https://admin.df.eu/public/index.php5?module=chmail Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 80.67.16.35 Cologne, Germany, ASN34011 (GD-EMEA-DC-CGN1, DE), Reverse DNS notinuse.ispgateway.de Software nginx / Resource Hash 272a87b5c8845376d29768a74fce02934a3d6ba950ccdcec0fa45abe8423a161 Request headers Referer https://admin.df.eu/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 26 Feb 2021 07:25:27 GMT Content-Encoding gzip Last-Modified Tue, 02 Feb 2021 14:41:41 GMT Server nginx ETag "601964a5-14aec" Vary Accept-Encoding Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=315360000 Connection keep-alive Content-Length 84716 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	jquery-min.js Show response js-admin.df.eu/TS1612276886/	87 KB 31 KB	188ms 64ms	Script application/x-javascript	80.67.16.35 GD-EMEA-DC-CGN1
General Check archive.org Show headers Download Go to Full URL https://js-admin.df.eu/TS1612276886/jquery-min.js Requested by Host: admin.df.eu URL: https://admin.df.eu/public/index.php5?module=chmail Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 80.67.16.35 Cologne, Germany, ASN34011 (GD-EMEA-DC-CGN1, DE), Reverse DNS notinuse.ispgateway.de Software nginx / Resource Hash 119d9c408a017e6bacdb2e3059d7816d9c4114f00adde7aee177ecae74c05e3c Request headers Referer https://admin.df.eu/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 26 Feb 2021 07:25:27 GMT Content-Encoding gzip Last-Modified Tue, 02 Feb 2021 14:41:37 GMT Server nginx ETag "601964a1-7b42" Vary Accept-Encoding Content-Type application/x-javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=315360000 Connection keep-alive Content-Length 31554 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	df_lib-min.js Show response js-admin.df.eu/TS1612276898/	315 KB 91 KB	193ms 64ms	Script application/x-javascript	80.67.16.35 GD-EMEA-DC-CGN1
General Check archive.org Show headers Download Go to Full URL https://js-admin.df.eu/TS1612276898/df_lib-min.js Requested by Host: admin.df.eu URL: https://admin.df.eu/public/index.php5?module=chmail Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 80.67.16.35 Cologne, Germany, ASN34011 (GD-EMEA-DC-CGN1, DE), Reverse DNS notinuse.ispgateway.de Software nginx / Resource Hash 3a27bbb101f4be997e9b09c788e37f794d5c995cc2f0f268b967055f6f383c79 Request headers Referer https://admin.df.eu/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 26 Feb 2021 07:25:27 GMT Content-Encoding gzip Last-Modified Tue, 02 Feb 2021 14:41:59 GMT Server nginx ETag "601964b7-16b3e" Vary Accept-Encoding Content-Type application/x-javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=315360000 Connection keep-alive Content-Length 92990 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	modernizr-min.js Show response js-admin.df.eu/TS1612276919/	12 KB 5 KB	167ms 33ms	Script application/x-javascript	80.67.16.35 GD-EMEA-DC-CGN1
General Check archive.org Show headers Download Go to Full URL https://js-admin.df.eu/TS1612276919/modernizr-min.js Requested by Host: admin.df.eu URL: https://admin.df.eu/public/index.php5?module=chmail Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 80.67.16.35 Cologne, Germany, ASN34011 (GD-EMEA-DC-CGN1, DE), Reverse DNS notinuse.ispgateway.de Software nginx / Resource Hash 7273465e624fce137edf409b2abe4be72c47c76685802dfcff7c6b77d2cc910c Request headers Referer https://admin.df.eu/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 26 Feb 2021 07:25:27 GMT Content-Encoding gzip Last-Modified Tue, 02 Feb 2021 14:42:07 GMT Server nginx ETag "601964bf-11b5" Vary Accept-Encoding Content-Type application/x-javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=315360000 Connection keep-alive Content-Length 4533 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	moretype-depotnew-regular-webfont.woff2 css-admin.df.eu/TS1491229447/fonts/	23 KB 23 KB	192ms 64ms	Font font/woff2	80.67.16.35 GD-EMEA-DC-CGN1
General Check archive.org Show headers Download Go to Full URL https://css-admin.df.eu/TS1491229447/fonts/moretype-depotnew-regular-webfont.woff2 Requested by Host: css-admin.df.eu URL: https://css-admin.df.eu/TS1612276900/df_lib-min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 80.67.16.35 Cologne, Germany, ASN34011 (GD-EMEA-DC-CGN1, DE), Reverse DNS notinuse.ispgateway.de Software nginx / Resource Hash 2fec5846899c2ecae024edff278997258db18bc7be5bdbe4fba7802747eebe3d Request headers Origin https://admin.df.eu Referer https://css-admin.df.eu/TS1612276900/df_lib-min.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 26 Feb 2021 07:25:27 GMT Last-Modified Mon, 03 Apr 2017 14:24:07 GMT Server nginx ETag "58e25b07-5aec" Content-Type font/woff2 Access-Control-Allow-Origin * Cache-Control max-age=315360000 Connection keep-alive Accept-Ranges bytes Content-Length 23276 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET DATA	200 OK	truncated /	3 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 48e81a0c03d9fee32bf4b746dfa2c1569fcaa6b19f70ed4d3e2c95b361698a12 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	200 OK	moretype-depotnew-bold-webfont.woff2 css-admin.df.eu/TS1491229447/fonts/	22 KB 22 KB	187ms 64ms	Font font/woff2	80.67.16.35 GD-EMEA-DC-CGN1
General Check archive.org Show headers Download Go to Full URL https://css-admin.df.eu/TS1491229447/fonts/moretype-depotnew-bold-webfont.woff2 Requested by Host: css-admin.df.eu URL: https://css-admin.df.eu/TS1612276900/df_lib-min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 80.67.16.35 Cologne, Germany, ASN34011 (GD-EMEA-DC-CGN1, DE), Reverse DNS notinuse.ispgateway.de Software nginx / Resource Hash ab2ad661175162768072fba12164d76fdb19932dc29ecc17e1d2360bdc2c7c48 Request headers Origin https://admin.df.eu Referer https://css-admin.df.eu/TS1612276900/df_lib-min.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 26 Feb 2021 07:25:27 GMT Last-Modified Mon, 03 Apr 2017 14:24:07 GMT Server nginx ETag "58e25b07-5870" Content-Type font/woff2 Access-Control-Allow-Origin * Cache-Control max-age=315360000 Connection keep-alive Accept-Ranges bytes Content-Length 22640 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	utag.js Show response tags.tiqcdn.com/utag/gpl/domfactory/dev/	38 KB 11 KB	116ms 38ms	Script application/x-javascript	23.79.129.43 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/gpl/domfactory/dev/utag.js Requested by Host: admin.df.eu URL: https://admin.df.eu/public/index.php5?module=chmail Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-79-129-43.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 0b2ac2170f58b8237c7e882500f701145a3f6b5ad6e5cb45f8fe039d957fdc23 Request headers Referer https://admin.df.eu/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 26 Feb 2021 07:25:27 GMT content-encoding gzip last-modified Tue, 18 Aug 2020 15:23:30 GMT server AkamaiNetStorage etag "710198f3d0db32b420719da214f40bb6:1597764210.397685" vary Accept-Encoding content-type application/x-javascript cache-control max-age=300 accept-ranges bytes content-length 11234 expires Fri, 26 Feb 2021 07:30:27 GMT
GET DATA	200 OK	truncated /	43 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	utag.v.js Show response tags.tiqcdn.com/utag/tiqapp/	2 B 202 B	35ms 35ms	Script application/x-javascript	23.79.129.43 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=gpl/domfactory/202008181523&cb=1614324327581 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/gpl/domfactory/dev/utag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.79.129.43 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-79-129-43.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb Request headers Referer https://admin.df.eu/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 26 Feb 2021 07:25:27 GMT last-modified Thu, 14 Apr 2016 16:57:51 GMT server AkamaiNetStorage etag "7bc0ee636b3b83484fc3b9348863bd22:1460653071" content-type application/x-javascript cache-control max-age=600 accept-ranges bytes content-length 2 expires Fri, 26 Feb 2021 07:35:27 GMT

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| DF object| CrashKit function| reportJsError object| lang function| deleteStatusMeldungen function| addError function| addWarning function| addNotice function| addSuccess function| addMessage function| initStatusMeldungen function| redrawProgressBar function| softResize function| resizeContainer function| switchCheckbox function| link_popup function| raw_popup function| setCookie function| unsetPointer function| setPointer function| highlight undefined| hClasses object| oDefaultExpireTime boolean| bSecure string| _POPUP_FEATURES boolean| bSwitched object| asMeldungen function| isFalse function| isTrue function| getPhpVersionsSelectHelper function| sprintf function| vsprintf function| d object| FixedSticky object| Modernizr object| utag_data object| dataLayer object| $THISPAGE object| hTimings boolean| DNT function| addDebug function| _oldAddSuccess function| _oldAddNotice function| _oldAddWarning function| _oldAddError function| _oldDeleteStatusMeldungen boolean| utag_condload function| utag_jsonflatten object| utag_jsonflattenobj object| utag boolean| __tealium_twc_switch

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.df.eu/	1970-01-20 01:11:00	Name: utag_main Value: v_id:0177dd3a649200225f38f6263ec600078003307000b08$_sn:1$_se:1$_ss:1$_st:1614326127571$ses_id:1614324327571%3Bexp-session$_pn:1%3Bexp-session
			.df.eu/	1970-01-19 18:34:56	Name: OPTOUTMULTI Value: 0:0%7Cc2:1%7Cc4:1%7Cc3:1
			admin.df.eu/	1970-01-19 16:25:24	Name: sHtmlClass Value: js%20theme-df%20page-chmail%20fixedsticky-withoutfixedfixed%20history%20no-localstorage%20sessionstorage%20hashchange%20details%20domready%20scrollbarwidth_1%20multiupload%20csscalc%20cookies%20js%20iframe
			admin.df.eu/	1969-12-31 23:59:59	Name: APP_LOCALE Value: en

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https:; img-src https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; font-src data: https:;
Strict-Transport-Security	max-age=3153600; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.df.eu
css-admin.df.eu
js-admin.df.eu
tags.tiqcdn.com
192.124.249.168
23.79.129.43
80.67.16.35
0b2ac2170f58b8237c7e882500f701145a3f6b5ad6e5cb45f8fe039d957fdc23
119d9c408a017e6bacdb2e3059d7816d9c4114f00adde7aee177ecae74c05e3c
272a87b5c8845376d29768a74fce02934a3d6ba950ccdcec0fa45abe8423a161
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fec5846899c2ecae024edff278997258db18bc7be5bdbe4fba7802747eebe3d
3a27bbb101f4be997e9b09c788e37f794d5c995cc2f0f268b967055f6f383c79
48e81a0c03d9fee32bf4b746dfa2c1569fcaa6b19f70ed4d3e2c95b361698a12
7273465e624fce137edf409b2abe4be72c47c76685802dfcff7c6b77d2cc910c
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
ab2ad661175162768072fba12164d76fdb19932dc29ecc17e1d2360bdc2c7c48
f2864d7b0aa7391397a31847c6420c6befab7fe64b4e4e823d493ca31e575297