urlscan.io logo urlscan.io
SecurityTrails logo

admin.df.eu Open in urlscan Pro
192.124.249.168  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://webmail.df.eu/
Effective URL: https://admin.df.eu/kunde/index.php?into=appsuite
Submission: On May 02 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 1 domains to perform 10 HTTP transactions. The main IP is 192.124.249.168, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is admin.df.eu.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on March 6th 2024. Valid for: a year.
This is the only time admin.df.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 134.119.228.27 34011 (GD-EMEA-D...)
1 192.124.249.168 30148 (SUCURI-SEC)
4 192.124.249.103 30148 (SUCURI-SEC)
3 192.124.249.119 30148 (SUCURI-SEC)
2 2a02:fe80:101... 30148 (SUCURI-SEC)
10 5
2    134.119.228.27 (Cologne, Germany)

ASN34011 (GD-EMEA-DC-CGN1, DE)
webmail.df.eu
1    192.124.249.168 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10168.sucuri.net
admin.df.eu
4    192.124.249.103 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10103.sucuri.net
css-admin.df.eu
3    192.124.249.119 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10119.sucuri.net
js-admin.df.eu
2    2a02:fe80:1010::3:7 (United States)

ASN30148 (SUCURI-SEC, US)
www.df.eu
Apex Domain
Subdomains		 Transfer
12 df.eu
webmail.df.eu
admin.df.eu
css-admin.df.eu
js-admin.df.eu
www.df.eu
748 KB
10 1
Domain Requested by
4 css-admin.df.eu admin.df.eu
css-admin.df.eu
3 js-admin.df.eu admin.df.eu
2 www.df.eu
2 webmail.df.eu 2 redirects
1 admin.df.eu
10 5

This site contains links to these domains. Also see Links.

Domain
www.df.eu
status.df.eu
sso.df.eu
sso.secureserver.net
login.microsoftonline.com
Subject Issuer Validity Valid
admin.df.eu
Starfield Secure Certificate Authority - G2		 2024-03-06 -
2025-03-06		 a year crt.sh
*.df.eu
Go Daddy Secure Certificate Authority - G2		 2024-01-02 -
2025-02-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://admin.df.eu/kunde/index.php?into=appsuite
Frame ID: 9797F79BC35BF2B9194FE83C87AFBF5C
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login Webmail | DomainFactory

Page URL History Show full URLs

  1. http://webmail.df.eu/ HTTP 307
    https://webmail.df.eu/ HTTP 301
    https://admin.df.eu/kunde/index.php?into=appsuite HTTP 307
    http://webmail.df.eu/ HTTP 307
    https://webmail.df.eu/ HTTP 301
    https://admin.df.eu/kunde/index.php?into=appsuite Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

100 %
HTTPS

20 %
IPv6

1
Domains

5
Subdomains

5
IPs

2
Countries

747 kB
Transfer

810 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://webmail.df.eu/ HTTP 307
    https://webmail.df.eu/ HTTP 301
    https://admin.df.eu/kunde/index.php?into=appsuite HTTP 307
    http://webmail.df.eu/ HTTP 307
    https://webmail.df.eu/ HTTP 301
    https://admin.df.eu/kunde/index.php?into=appsuite Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
admin.df.eu/kunde/
Redirect Chain
  • http://webmail.df.eu/
  • https://webmail.df.eu/
  • https://admin.df.eu/kunde/index.php?into=appsuite
  • http://webmail.df.eu/
  • https://webmail.df.eu/
  • https://admin.df.eu/kunde/index.php?into=appsuite
65 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://admin.df.eu/kunde/index.php?into=appsuite
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.168 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10168.sucuri.net
Software
nginx /
Resource Hash
5e507b16dbeba9f6b02c60c043f12fba227013afcbb591e85d60bce4e1e7fa49
Security Headers
Name Value
Content-Security-Policy default-src https:; img-src https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; font-src data: https:; frame-ancestors 'self'; connect-src https: wss://*.liveperson.net; default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu; connect-src 'self' https: wss://*.liveperson.net https://*.lpsnmedia.net;
Strict-Transport-Security max-age=3153600; includeSubDomains; preload; max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, must-revalidate
content-encoding
gzip
content-length
31736
content-security-policy
default-src https:; img-src https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; font-src data: https:; frame-ancestors 'self'; connect-src https: wss://*.liveperson.net; default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu; connect-src 'self' https: wss://*.liveperson.net https://*.lpsnmedia.net;
content-type
text/html; charset=UTF-8
date
Thu, 02 May 2024 07:04:08 GMT
etag
"df-0d73a666e4c6705ecb58a7c3129eefb1"
referrer-policy
strict-origin-when-cross-origin no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=3153600; includeSubDomains; preload; max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-sucuri-cache
MISS
x-sucuri-id
15018
x-ua-compatible
IE=Edge,chrome=IE8
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

Content-Length
257
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 02 May 2024 07:04:02 GMT
Location
https://admin.df.eu/kunde/index.php?into=appsuite
Server
Apache
df_lib-min.css
css-admin.df.eu/TS1714483637/ 		247 KB
248 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://css-admin.df.eu/TS1714483637/df_lib-min.css
Requested by
Host: admin.df.eu
URL: https://admin.df.eu/kunde/index.php?into=appsuite
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.103 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
nginx /
Resource Hash
48401c753a9ec87be7bd259ae0d496d43d2fc635e9d78052ca2108361c64ca59
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu; connect-src 'self' https: wss://*.liveperson.net https://*.lpsnmedia.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://admin.df.eu/kunde/index.php?into=appsuite
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 07:04:08 GMT
content-security-policy
upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu; connect-src 'self' https: wss://*.liveperson.net https://*.lpsnmedia.net;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-sucuri-cache
HIT
content-length
252512
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Apr 2024 13:27:18 GMT
server
nginx
etag
"6630f1b6-3da60"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
15003
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
startauftrag-min.css
css-admin.df.eu/TS1714483633/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://css-admin.df.eu/TS1714483633/startauftrag-min.css
Requested by
Host: admin.df.eu
URL: https://admin.df.eu/kunde/index.php?into=appsuite
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.103 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu; connect-src 'self' https: wss://*.liveperson.net https://*.lpsnmedia.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://admin.df.eu/kunde/index.php?into=appsuite
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 07:04:08 GMT
content-security-policy
upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu; connect-src 'self' https: wss://*.liveperson.net https://*.lpsnmedia.net;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-sucuri-cache
HIT
content-length
547
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Apr 2024 13:27:13 GMT
server
nginx
etag
"6630f1b1-223"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
15003
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-min.js
js-admin.df.eu/TS1714483631/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-admin.df.eu/TS1714483631/jquery-min.js
Requested by
Host: admin.df.eu
URL: https://admin.df.eu/kunde/index.php?into=appsuite
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
6050c6d5549b2b569b13a4e91002abda1927d4878a33b817bae52bea0b6f05f0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu; connect-src 'self' https: wss://*.liveperson.net https://*.lpsnmedia.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://admin.df.eu/kunde/index.php?into=appsuite
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 07:04:08 GMT
content-security-policy
upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu; connect-src 'self' https: wss://*.liveperson.net https://*.lpsnmedia.net;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-sucuri-cache
HIT
content-length
88888
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Apr 2024 13:27:13 GMT
server
nginx
etag
"6630f1b1-15b38"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
15019
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
df_lib-min.js
js-admin.df.eu/TS1714483634/ 		316 KB
317 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-admin.df.eu/TS1714483634/df_lib-min.js
Requested by
Host: admin.df.eu
URL: https://admin.df.eu/kunde/index.php?into=appsuite
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
f977d0d1e27380e0745d057835a3f669937c5d976d7f569e314fa7262fb1d4cb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu; connect-src 'self' https: wss://*.liveperson.net https://*.lpsnmedia.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://admin.df.eu/kunde/index.php?into=appsuite
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 07:04:08 GMT
content-security-policy
upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu; connect-src 'self' https: wss://*.liveperson.net https://*.lpsnmedia.net;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-sucuri-cache
HIT
content-length
323845
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Apr 2024 13:27:17 GMT
server
nginx
etag
"6630f1b5-4f105"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
15019
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
modernizr-min.js
js-admin.df.eu/TS1714483637/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-admin.df.eu/TS1714483637/modernizr-min.js
Requested by
Host: admin.df.eu
URL: https://admin.df.eu/kunde/index.php?into=appsuite
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
efb472872c21fb31efd6691251ae674c554b8eea256352aaadd282860b8515ad
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu; connect-src 'self' https: wss://*.liveperson.net https://*.lpsnmedia.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://admin.df.eu/kunde/index.php?into=appsuite
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 07:04:08 GMT
content-security-policy
upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu; connect-src 'self' https: wss://*.liveperson.net https://*.lpsnmedia.net;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-sucuri-cache
HIT
content-length
11778
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Apr 2024 13:27:19 GMT
server
nginx
etag
"6630f1b7-2e02"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
15019
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
moretype-depotnew-regular-webfont.woff2
css-admin.df.eu/TS1627893776/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://css-admin.df.eu/TS1627893776/fonts/moretype-depotnew-regular-webfont.woff2
Requested by
Host: css-admin.df.eu
URL: https://css-admin.df.eu/TS1714483637/df_lib-min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.103 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
nginx /
Resource Hash
2fec5846899c2ecae024edff278997258db18bc7be5bdbe4fba7802747eebe3d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu; connect-src 'self' https: wss://*.liveperson.net https://*.lpsnmedia.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://css-admin.df.eu/TS1714483637/df_lib-min.css
Origin
https://admin.df.eu
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 07:04:08 GMT
content-security-policy
upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu; connect-src 'self' https: wss://*.liveperson.net https://*.lpsnmedia.net;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-sucuri-cache
HIT
content-length
23276
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 02 Aug 2021 08:42:56 GMT
server
nginx
etag
"6107b010-5aec"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
15003
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10c5cd11e9faa3d4e14064232bf481656c143079d101bae3b5b9e15fe17d8ac0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		783 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa5faf0b361afb3cb04c3316abd3e31a4151fc52061212cd4c24fa27c9f90181

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		729 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
877442680bd2605675c58429c14f185c5530b551cf94278b991d4ba0271e5f9d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		318 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e30bf7630d4ff3c40515a06ad60bfefe2cf8c01f3ca5729c2065c65c9caaa20

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
541369e31df0d61e2e92e633c6d79c745723107e940bb65ca5113978e5eaa52a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		474 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6caaf54481ecf7b0ce2a977d3eb77ccea9b263a51bc4712c53b0b32c6c3e768d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58f8188485e8fe474e35d2adb7832b1af5aaeeda0ab7c34a5c6bf86df28a1cbb

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		777 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8934a0e2777001282adf00f9c98861ef063a360cafce4ddbb250e39a85a1b186

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		29 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5ab984fa5f286a9b25bccb92c625b7f584e629c759ae75fa858f19718619493

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
moretype-depotnew-bold-webfont.woff2
css-admin.df.eu/TS1627893776/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://css-admin.df.eu/TS1627893776/fonts/moretype-depotnew-bold-webfont.woff2
Requested by
Host: css-admin.df.eu
URL: https://css-admin.df.eu/TS1714483637/df_lib-min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.103 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
nginx /
Resource Hash
ab2ad661175162768072fba12164d76fdb19932dc29ecc17e1d2360bdc2c7c48
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu; connect-src 'self' https: wss://*.liveperson.net https://*.lpsnmedia.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://css-admin.df.eu/TS1714483637/df_lib-min.css
Origin
https://admin.df.eu
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 07:04:08 GMT
content-security-policy
upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu; connect-src 'self' https: wss://*.liveperson.net https://*.lpsnmedia.net;
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-sucuri-cache
HIT
content-length
22640
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 02 Aug 2021 08:42:56 GMT
server
nginx
etag
"6107b010-5870"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
15003
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
favicon.ico
www.df.eu/ 		181 B
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.df.eu/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::3:7 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
d9c7655297860a8cdb695ac0aa256f7a2fe3d222a7338921018046b306210e66
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.tellja.eu https://siteintercept.qualtrics.com https://*.clarity.ms https://bat.bing.com https://admin.df.eu/ https://analytics.aklamio.com https://*.ampproject.org https://*.lpsnmedia.net https://*.tealiumiq.com https://*.google.com https://*.google.de https://*.doubleclick.net https://*.optimizely.com https://www.google-analytics.com https://*.facebook.com; connect-src 'self' https://www.sjwoe.com https://www.emjcd.com https://*.analytics.google.com wss://lo.msg.liveperson.net/ https://*.googlesyndication.com https://www.google-analytics.com https://*.tellja.eu https://*.bing.com https://*.doubleclick.net https://*.metrics.convertexperiments.com https://*.convertexperiments.com https://*.optimizetoolkit.com; style-src 'self' 'unsafe-inline' https://github.githubassets.com https://fonts.googleapis.com https://*.amazonaws.com https://*.convertexperiments.com https://*.metrics.convertexperiments.com https://*.optimizetoolkit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://pix.hyj.mobi https://d.hyj.mobi https://*.tellja.eu https://*.googletagmanager.com https://*.amazonaws.com https://*.convertexperiments.com https://*.metrics.convertexperiments.com https://*.optimizetoolkit.com https://*.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://gist.github.com https://my.tealiumiq.com http://tags.tiqcdn.com https://*.clarity.ms https://*.omnitagjs.com https://*.adnxs.com https://*.aklamio.com https://*.doubleclick.net https://java.com https://tags.tiqcdn.com https://*.cloudstorage.secureserver.net https://static-artifact.heg-cp.com https://cdn.polyfill.io https://www.google.com https://www.gstatic.com https://*.optimizely.com https://www.googleadservices.com https://bat.bing.com https://www.dwin1.com https://connect.facebook.net https://www.google-analytics.com ajax.googleapis.com https://*.twitter.com https://static.ads-twitter.com https://*.ampproject.org https://*.wsimg.com https://*.liveperson.net https://*.lpsnmedia.net; font-src 'self' https://fonts.gstatic.com https://optimizely.github.io; object-src 'self'; img-src 'self' 'unsafe-inline' https://sync.1rx.io https://simage2.pubmatic.com https://e1.emxdgt.com https://s.ad.smaato.net https://rtb-csync.smartadserver.com https://sync.targeting.unrulymedia.com https://ups.analytics.yahoo.com https://csync.loopme.me https://ad.yieldlab.net https://pixel.rubiconproject.com https://ad.360yield.com https://ih.adscale.de https://*.openx.net https://*.connectad.io https://inv-nets.admixer.net https://usync.vrtcal.com https://*.pubmine.com https://cm.adform.net https://*.bidswitch.net https://*.casalemedia.com https://*.tellja.eu https://*.tellja.de https://*.tellja.eu https://my.tealiumiq.com https://collect.tealiumiq.com https://*.convertexperiments.com https://*.metrics.convertexperiments.com https://*.optimizetoolkit.com https://siteintercept.qualtrics.com https://*.google.co.uk https://analytics.twitter.com https://paintbrush.heg-cp.com https://*.clarity.ms https://*.bing.com https://irp.cdn-website.com https://*.atdmt.com https://*.zemanta.com https://*.trustpilot.com https://*.aklamio.com https://img1.wsimg.com https://*.lpsnmedia.net https://java.com https://www.df.eu/ data: https://i.ytimg.com https://*.g.doubleclick.net https://bat.bing.com https://www.google-analytics.com https://www.facebook.com https://www.google.com https://www.google.de https://t.co https://*.multiscreensite.com; frame-src 'self' mailto: https://*.liveperson.net/ https://*.tellja.eu https://*.df.eu https://*.dftest.eu https://*.qualtrics.com/ https://*.doubleclick.net https://www.youtube-nocookie.com https://*.aklamio.com https://lo.tokenizer.liveperson.net https://pixel.bsmartdata.com https://www.google.com https://*.optimizely.com https://*.convertexperiments.com https://*.metrics.convertexperiments.com https://*.optimizetoolkit.com https://*.facebook.com https://*.facebook.net www.youtube.com *.vimeo.com *.vimeocdn.com https://*.fls.doubleclick.net https://*.lpsnmedia.net https://server.lon.liveperson.net/;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://admin.df.eu/kunde/index.php?into=appsuite
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 07:04:08 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.tellja.eu https://siteintercept.qualtrics.com https://*.clarity.ms https://bat.bing.com https://admin.df.eu/ https://analytics.aklamio.com https://*.ampproject.org https://*.lpsnmedia.net https://*.tealiumiq.com https://*.google.com https://*.google.de https://*.doubleclick.net https://*.optimizely.com https://www.google-analytics.com https://*.facebook.com; connect-src 'self' https://www.sjwoe.com https://www.emjcd.com https://*.analytics.google.com wss://lo.msg.liveperson.net/ https://*.googlesyndication.com https://www.google-analytics.com https://*.tellja.eu https://*.bing.com https://*.doubleclick.net https://*.metrics.convertexperiments.com https://*.convertexperiments.com https://*.optimizetoolkit.com; style-src 'self' 'unsafe-inline' https://github.githubassets.com https://fonts.googleapis.com https://*.amazonaws.com https://*.convertexperiments.com https://*.metrics.convertexperiments.com https://*.optimizetoolkit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://pix.hyj.mobi https://d.hyj.mobi https://*.tellja.eu https://*.googletagmanager.com https://*.amazonaws.com https://*.convertexperiments.com https://*.metrics.convertexperiments.com https://*.optimizetoolkit.com https://*.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://gist.github.com https://my.tealiumiq.com http://tags.tiqcdn.com https://*.clarity.ms https://*.omnitagjs.com https://*.adnxs.com https://*.aklamio.com https://*.doubleclick.net https://java.com https://tags.tiqcdn.com https://*.cloudstorage.secureserver.net https://static-artifact.heg-cp.com https://cdn.polyfill.io https://www.google.com https://www.gstatic.com https://*.optimizely.com https://www.googleadservices.com https://bat.bing.com https://www.dwin1.com https://connect.facebook.net https://www.google-analytics.com ajax.googleapis.com https://*.twitter.com https://static.ads-twitter.com https://*.ampproject.org https://*.wsimg.com https://*.liveperson.net https://*.lpsnmedia.net; font-src 'self' https://fonts.gstatic.com https://optimizely.github.io; object-src 'self'; img-src 'self' 'unsafe-inline' https://sync.1rx.io https://simage2.pubmatic.com https://e1.emxdgt.com https://s.ad.smaato.net https://rtb-csync.smartadserver.com https://sync.targeting.unrulymedia.com https://ups.analytics.yahoo.com https://csync.loopme.me https://ad.yieldlab.net https://pixel.rubiconproject.com https://ad.360yield.com https://ih.adscale.de https://*.openx.net https://*.connectad.io https://inv-nets.admixer.net https://usync.vrtcal.com https://*.pubmine.com https://cm.adform.net https://*.bidswitch.net https://*.casalemedia.com https://*.tellja.eu https://*.tellja.de https://*.tellja.eu https://my.tealiumiq.com https://collect.tealiumiq.com https://*.convertexperiments.com https://*.metrics.convertexperiments.com https://*.optimizetoolkit.com https://siteintercept.qualtrics.com https://*.google.co.uk https://analytics.twitter.com https://paintbrush.heg-cp.com https://*.clarity.ms https://*.bing.com https://irp.cdn-website.com https://*.atdmt.com https://*.zemanta.com https://*.trustpilot.com https://*.aklamio.com https://img1.wsimg.com https://*.lpsnmedia.net https://java.com https://www.df.eu/ data: https://i.ytimg.com https://*.g.doubleclick.net https://bat.bing.com https://www.google-analytics.com https://www.facebook.com https://www.google.com https://www.google.de https://t.co https://*.multiscreensite.com; frame-src 'self' mailto: https://*.liveperson.net/ https://*.tellja.eu https://*.df.eu https://*.dftest.eu https://*.qualtrics.com/ https://*.doubleclick.net https://www.youtube-nocookie.com https://*.aklamio.com https://lo.tokenizer.liveperson.net https://pixel.bsmartdata.com https://www.google.com https://*.optimizely.com https://*.convertexperiments.com https://*.metrics.convertexperiments.com https://*.optimizetoolkit.com https://*.facebook.com https://*.facebook.net www.youtube.com *.vimeo.com *.vimeocdn.com https://*.fls.doubleclick.net https://*.lpsnmedia.net https://server.lon.liveperson.net/;
x-sucuri-cache
HIT
content-length
181
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 22 Jun 2022 10:36:29 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/x-icon
access-control-allow-origin
*
cache-control
max-age=315360000
feature-policy
geolocation 'self'; midi 'self'; payment 'self'; camera 'self'; usb 'self'; fullscreen 'self'; magnetometer 'self'; picture-in-picture *; accelerometer 'self'; encrypted-media 'self'; autoplay 'self'; gyroscope 'self'; sync-xhr 'self'; microphone 'self'
x-sucuri-id
15003
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
favicon.ico
www.df.eu/ 		181 B
0 		Other
General
Check archive.org
Download Go to
Full URL
https://www.df.eu/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::3:7 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
d9c7655297860a8cdb695ac0aa256f7a2fe3d222a7338921018046b306210e66
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.tellja.eu https://siteintercept.qualtrics.com https://*.clarity.ms https://bat.bing.com https://admin.df.eu/ https://analytics.aklamio.com https://*.ampproject.org https://*.lpsnmedia.net https://*.tealiumiq.com https://*.google.com https://*.google.de https://*.doubleclick.net https://*.optimizely.com https://www.google-analytics.com https://*.facebook.com; connect-src 'self' https://www.sjwoe.com https://www.emjcd.com https://*.analytics.google.com wss://lo.msg.liveperson.net/ https://*.googlesyndication.com https://www.google-analytics.com https://*.tellja.eu https://*.bing.com https://*.doubleclick.net https://*.metrics.convertexperiments.com https://*.convertexperiments.com https://*.optimizetoolkit.com; style-src 'self' 'unsafe-inline' https://github.githubassets.com https://fonts.googleapis.com https://*.amazonaws.com https://*.convertexperiments.com https://*.metrics.convertexperiments.com https://*.optimizetoolkit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://pix.hyj.mobi https://d.hyj.mobi https://*.tellja.eu https://*.googletagmanager.com https://*.amazonaws.com https://*.convertexperiments.com https://*.metrics.convertexperiments.com https://*.optimizetoolkit.com https://*.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://gist.github.com https://my.tealiumiq.com http://tags.tiqcdn.com https://*.clarity.ms https://*.omnitagjs.com https://*.adnxs.com https://*.aklamio.com https://*.doubleclick.net https://java.com https://tags.tiqcdn.com https://*.cloudstorage.secureserver.net https://static-artifact.heg-cp.com https://cdn.polyfill.io https://www.google.com https://www.gstatic.com https://*.optimizely.com https://www.googleadservices.com https://bat.bing.com https://www.dwin1.com https://connect.facebook.net https://www.google-analytics.com ajax.googleapis.com https://*.twitter.com https://static.ads-twitter.com https://*.ampproject.org https://*.wsimg.com https://*.liveperson.net https://*.lpsnmedia.net; font-src 'self' https://fonts.gstatic.com https://optimizely.github.io; object-src 'self'; img-src 'self' 'unsafe-inline' https://sync.1rx.io https://simage2.pubmatic.com https://e1.emxdgt.com https://s.ad.smaato.net https://rtb-csync.smartadserver.com https://sync.targeting.unrulymedia.com https://ups.analytics.yahoo.com https://csync.loopme.me https://ad.yieldlab.net https://pixel.rubiconproject.com https://ad.360yield.com https://ih.adscale.de https://*.openx.net https://*.connectad.io https://inv-nets.admixer.net https://usync.vrtcal.com https://*.pubmine.com https://cm.adform.net https://*.bidswitch.net https://*.casalemedia.com https://*.tellja.eu https://*.tellja.de https://*.tellja.eu https://my.tealiumiq.com https://collect.tealiumiq.com https://*.convertexperiments.com https://*.metrics.convertexperiments.com https://*.optimizetoolkit.com https://siteintercept.qualtrics.com https://*.google.co.uk https://analytics.twitter.com https://paintbrush.heg-cp.com https://*.clarity.ms https://*.bing.com https://irp.cdn-website.com https://*.atdmt.com https://*.zemanta.com https://*.trustpilot.com https://*.aklamio.com https://img1.wsimg.com https://*.lpsnmedia.net https://java.com https://www.df.eu/ data: https://i.ytimg.com https://*.g.doubleclick.net https://bat.bing.com https://www.google-analytics.com https://www.facebook.com https://www.google.com https://www.google.de https://t.co https://*.multiscreensite.com; frame-src 'self' mailto: https://*.liveperson.net/ https://*.tellja.eu https://*.df.eu https://*.dftest.eu https://*.qualtrics.com/ https://*.doubleclick.net https://www.youtube-nocookie.com https://*.aklamio.com https://lo.tokenizer.liveperson.net https://pixel.bsmartdata.com https://www.google.com https://*.optimizely.com https://*.convertexperiments.com https://*.metrics.convertexperiments.com https://*.optimizetoolkit.com https://*.facebook.com https://*.facebook.net www.youtube.com *.vimeo.com *.vimeocdn.com https://*.fls.doubleclick.net https://*.lpsnmedia.net https://server.lon.liveperson.net/;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://admin.df.eu/kunde/index.php?into=appsuite
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 07:04:08 GMT
content-security-policy
default-src 'self' https://*.tellja.eu https://siteintercept.qualtrics.com https://*.clarity.ms https://bat.bing.com https://admin.df.eu/ https://analytics.aklamio.com https://*.ampproject.org https://*.lpsnmedia.net https://*.tealiumiq.com https://*.google.com https://*.google.de https://*.doubleclick.net https://*.optimizely.com https://www.google-analytics.com https://*.facebook.com; connect-src 'self' https://www.sjwoe.com https://www.emjcd.com https://*.analytics.google.com wss://lo.msg.liveperson.net/ https://*.googlesyndication.com https://www.google-analytics.com https://*.tellja.eu https://*.bing.com https://*.doubleclick.net https://*.metrics.convertexperiments.com https://*.convertexperiments.com https://*.optimizetoolkit.com; style-src 'self' 'unsafe-inline' https://github.githubassets.com https://fonts.googleapis.com https://*.amazonaws.com https://*.convertexperiments.com https://*.metrics.convertexperiments.com https://*.optimizetoolkit.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://pix.hyj.mobi https://d.hyj.mobi https://*.tellja.eu https://*.googletagmanager.com https://*.amazonaws.com https://*.convertexperiments.com https://*.metrics.convertexperiments.com https://*.optimizetoolkit.com https://*.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://gist.github.com https://my.tealiumiq.com http://tags.tiqcdn.com https://*.clarity.ms https://*.omnitagjs.com https://*.adnxs.com https://*.aklamio.com https://*.doubleclick.net https://java.com https://tags.tiqcdn.com https://*.cloudstorage.secureserver.net https://static-artifact.heg-cp.com https://cdn.polyfill.io https://www.google.com https://www.gstatic.com https://*.optimizely.com https://www.googleadservices.com https://bat.bing.com https://www.dwin1.com https://connect.facebook.net https://www.google-analytics.com ajax.googleapis.com https://*.twitter.com https://static.ads-twitter.com https://*.ampproject.org https://*.wsimg.com https://*.liveperson.net https://*.lpsnmedia.net; font-src 'self' https://fonts.gstatic.com https://optimizely.github.io; object-src 'self'; img-src 'self' 'unsafe-inline' https://sync.1rx.io https://simage2.pubmatic.com https://e1.emxdgt.com https://s.ad.smaato.net https://rtb-csync.smartadserver.com https://sync.targeting.unrulymedia.com https://ups.analytics.yahoo.com https://csync.loopme.me https://ad.yieldlab.net https://pixel.rubiconproject.com https://ad.360yield.com https://ih.adscale.de https://*.openx.net https://*.connectad.io https://inv-nets.admixer.net https://usync.vrtcal.com https://*.pubmine.com https://cm.adform.net https://*.bidswitch.net https://*.casalemedia.com https://*.tellja.eu https://*.tellja.de https://*.tellja.eu https://my.tealiumiq.com https://collect.tealiumiq.com https://*.convertexperiments.com https://*.metrics.convertexperiments.com https://*.optimizetoolkit.com https://siteintercept.qualtrics.com https://*.google.co.uk https://analytics.twitter.com https://paintbrush.heg-cp.com https://*.clarity.ms https://*.bing.com https://irp.cdn-website.com https://*.atdmt.com https://*.zemanta.com https://*.trustpilot.com https://*.aklamio.com https://img1.wsimg.com https://*.lpsnmedia.net https://java.com https://www.df.eu/ data: https://i.ytimg.com https://*.g.doubleclick.net https://bat.bing.com https://www.google-analytics.com https://www.facebook.com https://www.google.com https://www.google.de https://t.co https://*.multiscreensite.com; frame-src 'self' mailto: https://*.liveperson.net/ https://*.tellja.eu https://*.df.eu https://*.dftest.eu https://*.qualtrics.com/ https://*.doubleclick.net https://www.youtube-nocookie.com https://*.aklamio.com https://lo.tokenizer.liveperson.net https://pixel.bsmartdata.com https://www.google.com https://*.optimizely.com https://*.convertexperiments.com https://*.metrics.convertexperiments.com https://*.optimizetoolkit.com https://*.facebook.com https://*.facebook.net www.youtube.com *.vimeo.com *.vimeocdn.com https://*.fls.doubleclick.net https://*.lpsnmedia.net https://server.lon.liveperson.net/;
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
181
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 22 Jun 2022 10:36:29 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/x-icon
access-control-allow-origin
*
cache-control
max-age=315360000
feature-policy
geolocation 'self'; midi 'self'; payment 'self'; camera 'self'; usb 'self'; fullscreen 'self'; magnetometer 'self'; picture-in-picture *; accelerometer 'self'; encrypted-media 'self'; autoplay 'self'; gyroscope 'self'; sync-xhr 'self'; microphone 'self'
x-sucuri-id
15003
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| DF object| CrashKit function| reportJsError object| lang function| deleteStatusMeldungen function| addError function| addWarning function| addNotice function| addSuccess function| addMessage function| initStatusMeldungen function| redrawProgressBar function| softResize function| resizeContainer function| switchCheckbox function| link_popup function| raw_popup function| setCookie function| unsetPointer function| setPointer function| highlight undefined| hClasses object| oDefaultExpireTime boolean| bSecure string| _POPUP_FEATURES boolean| bSwitched object| asMeldungen function| isFalse function| isTrue function| getPhpVersionsSelectHelper function| sprintf function| vsprintf function| d object| FixedSticky object| Modernizr object| $THISPAGE object| hTimings boolean| DNT function| addDebug function| _oldAddSuccess function| _oldAddNotice function| _oldAddWarning function| _oldAddError function| _oldDeleteStatusMeldungen

2 Cookies

Domain/Path Name / Value
admin.df.eu/ Name: APP_LOCALE
Value: de
admin.df.eu/ Name: sHtmlClass
Value: js%20theme-df%20page-login%20fixedsticky-withoutfixedfixed%20history%20localstorage%20sessionstorage%20hashchange%20details%20domready%20scrollbarwidth_1%20multiupload%20csscalc%20cookies%20js%20iframe

3 Console Messages

Source Level URL
Text
recommendation verbose URL: https://admin.df.eu/kunde/index.php?into=appsuite
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://admin.df.eu/kunde/index.php?into=appsuite
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://admin.df.eu/kunde/index.php?into=appsuite
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https:; img-src https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; font-src data: https:; frame-ancestors 'self'; connect-src https: wss://*.liveperson.net; default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu; connect-src 'self' https: wss://*.liveperson.net https://*.lpsnmedia.net;
Strict-Transport-Security max-age=3153600; includeSubDomains; preload; max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.df.eu
css-admin.df.eu
js-admin.df.eu
webmail.df.eu
www.df.eu
134.119.228.27
192.124.249.103
192.124.249.119
192.124.249.168
2a02:fe80:1010::3:7
10c5cd11e9faa3d4e14064232bf481656c143079d101bae3b5b9e15fe17d8ac0
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e30bf7630d4ff3c40515a06ad60bfefe2cf8c01f3ca5729c2065c65c9caaa20
2fec5846899c2ecae024edff278997258db18bc7be5bdbe4fba7802747eebe3d
48401c753a9ec87be7bd259ae0d496d43d2fc635e9d78052ca2108361c64ca59
541369e31df0d61e2e92e633c6d79c745723107e940bb65ca5113978e5eaa52a
58f8188485e8fe474e35d2adb7832b1af5aaeeda0ab7c34a5c6bf86df28a1cbb
5e507b16dbeba9f6b02c60c043f12fba227013afcbb591e85d60bce4e1e7fa49
6050c6d5549b2b569b13a4e91002abda1927d4878a33b817bae52bea0b6f05f0
6caaf54481ecf7b0ce2a977d3eb77ccea9b263a51bc4712c53b0b32c6c3e768d
877442680bd2605675c58429c14f185c5530b551cf94278b991d4ba0271e5f9d
8934a0e2777001282adf00f9c98861ef063a360cafce4ddbb250e39a85a1b186
ab2ad661175162768072fba12164d76fdb19932dc29ecc17e1d2360bdc2c7c48
b5ab984fa5f286a9b25bccb92c625b7f584e629c759ae75fa858f19718619493
d9c7655297860a8cdb695ac0aa256f7a2fe3d222a7338921018046b306210e66
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efb472872c21fb31efd6691251ae674c554b8eea256352aaadd282860b8515ad
f977d0d1e27380e0745d057835a3f669937c5d976d7f569e314fa7262fb1d4cb
fa5faf0b361afb3cb04c3316abd3e31a4151fc52061212cd4c24fa27c9f90181