sso.df.eu Open in urlscan Pro
2a02:26f0:dc::6853:420 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589
Effective URL:
https://sso.df.eu/?app=jb&realm=idp
Submission: On January 20 via manual (January 20th 2023, 11:00:21 am UTC) from US — Scanned from DE

Summary HTTP 49 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 49 HTTP transactions. The main IP is 2a02:26f0:dc::6853:420, located in Vienna, Austria and belongs to AKAMAI-ASN1, NL. The main domain is sso.df.eu.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 28th 2022. Valid for: a year.

This is the only time sso.df.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	188.93.14.4 188.93.14.4	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
16 16	188.93.14.2 188.93.14.2	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	104.75.88.194 104.75.88.194	16625 (AKAMAI-AS) (AKAMAI-AS)
11	2a02:26f0:dc:... 2a02:26f0:dc::6853:420	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400d:808::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:dc:... 2a02:26f0:dc::6853:43a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.36.163.236 23.36.163.236	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:8e:... 2a04:4e42:8e::720	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:11a... 2a02:26f0:11a::5f65:1730	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
49	12

19 188.93.14.4 (Germany)

ASN8972 (GD-EMEA-DC-SXB1, DE)

jiffybox.df.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 188.93.14.2 (Germany) 16 redirects

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: amazonas.ispgateway.de

admin.jiffybox.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:dc::6853:420 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

sso.df.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:dc::6853:43a (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

cdn.heg-cp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.163.236 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-236.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:8e::720 (United States)

ASN54113 (FASTLY, US)

images.unsplash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::5f65:1730 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

paintbrush.heg-cp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	df.eu jiffybox.df.eu sso.df.eu	977 KB
16	jiffybox.de 16 redirects admin.jiffybox.de	2 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	411 KB
3	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 2205	24 KB
2	heg-cp.com cdn.heg-cp.com paintbrush.heg-cp.com — Cisco Umbrella Rank: 680991	1 KB
2	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 969	10 KB
1	unsplash.com images.unsplash.com — Cisco Umbrella Rank: 4204	59 KB
1	wsimg.com img1.wsimg.com — Cisco Umbrella Rank: 8965	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	185 B
49	10

	Domain	Requested by
19	jiffybox.df.eu	jiffybox.df.eu
16	admin.jiffybox.de	16 redirects
11	sso.df.eu	jiffybox.df.eu sso.df.eu
4	www.gstatic.com	www.recaptcha.net www.gstatic.com
4	fonts.gstatic.com	fonts.googleapis.com www.recaptcha.net
3	www.recaptcha.net	sso.df.eu www.gstatic.com www.recaptcha.net
2	tags.tiqcdn.com	jiffybox.df.eu tags.tiqcdn.com
1	paintbrush.heg-cp.com
1	images.unsplash.com
1	img1.wsimg.com
1	cdn.heg-cp.com	sso.df.eu
1	fonts.googleapis.com	client
1	www.facebook.com	jiffybox.df.eu
49	13

This site contains links to these domains. Also see Links.

Domain
www.df.eu

Subject Issuer	Validity	Valid
*.df.eu Go Daddy Secure Certificate Authority - G2	`2022-12-09` - `2024-01-10`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-29` - `2023-01-27`	3 months	crt.sh
*.tiqcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-12` - `2024-01-14`	a year	crt.sh
www.df.eu Go Daddy Secure Certificate Authority - G2	`2022-06-28` - `2023-07-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
legal.emeaint.godaddy.com Go Daddy Secure Certificate Authority - G2	`2022-06-08` - `2023-07-10`	a year	crt.sh
*.wsimg.com Starfield Secure Certificate Authority - G2	`2022-09-15` - `2023-10-17`	a year	crt.sh
misc.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
images.unsplash.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-06-08` - `2023-07-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
paintbrush.heg-cp.com Go Daddy Secure Certificate Authority - G2	`2022-06-07` - `2023-07-09`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://sso.df.eu/?app=jb&realm=idp
Frame ID: 20C98AC583103C284DE852BE24B5879C
Requests: 42 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdGLJIUAAAAAH1DUhRDwCV5orvTaawvNM7Ocvws&co=aHR0cHM6Ly9zc28uZGYuZXU6NDQz&hl=en&v=Gg72x2_SHmxi8X0BLo33HMpr&size=invisible&cb=7xq9xnn68ked
Frame ID: A159CCC27307FF8B19D4FE5D660E451D
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmeldung | DomainFactory

Page URL History Show full URLs

https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589 Page URL
https://sso.df.eu/?app=jb&realm=idp Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

49
Requests

67 %
HTTPS

69 %
IPv6

10
Domains

13
Subdomains

12
IPs

4
Countries

1484 kB
Transfer

3099 kB
Size

10
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.df.eu/

Search URL Search Domain Scan URL

URL: https://www.df.eu/de/impressum/
Title: Impressum

Search URL Search Domain Scan URL

URL: https://www.df.eu/de/datenschutzrichtlinie/
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://www.df.eu/de/widerrufsrecht/
Title: Widerrufsrecht

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589 Page URL
https://sso.df.eu/?app=jb&realm=idp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://admin.jiffybox.de/TS1505889841/css/jquery-ui.css HTTP 301
https://jiffybox.df.eu/TS1505889841/css/jquery-ui.css

Request Chain 2

https://admin.jiffybox.de/TS1508765539/css/jquery-ui.custom.css HTTP 301
https://jiffybox.df.eu/TS1508765539/css/jquery-ui.custom.css

Request Chain 3

https://admin.jiffybox.de/TS1505889841/css/ui.selectmenu.css HTTP 301
https://jiffybox.df.eu/TS1505889841/css/ui.selectmenu.css

Request Chain 4

https://admin.jiffybox.de/TS1508765539/css/jiffysprites.css HTTP 301
https://jiffybox.df.eu/TS1508765539/css/jiffysprites.css

Request Chain 5

https://admin.jiffybox.de/TS1508765539/css/styles.css HTTP 301
https://jiffybox.df.eu/TS1508765539/css/styles.css

Request Chain 6

https://admin.jiffybox.de/TS1508765539/css/controlpanel.css HTTP 301
https://jiffybox.df.eu/TS1508765539/css/controlpanel.css

Request Chain 7

https://admin.jiffybox.de/TS1612169735/css/login.css HTTP 301
https://jiffybox.df.eu/TS1612169735/css/login.css

Request Chain 8

https://admin.jiffybox.de/TS1505889841/js/jquery2.min.js HTTP 301
https://jiffybox.df.eu/TS1505889841/js/jquery2.min.js

Request Chain 9

https://admin.jiffybox.de/TS1505889841/js/jquery-migrate-1.2.1.min.js HTTP 301
https://jiffybox.df.eu/TS1505889841/js/jquery-migrate-1.2.1.min.js

Request Chain 10

https://admin.jiffybox.de/TS1505889841/js/jquery-ui.min.js HTTP 301
https://jiffybox.df.eu/TS1505889841/js/jquery-ui.min.js

Request Chain 11

https://admin.jiffybox.de/TS1505889841/js/jquery.ui.selectmenu.js HTTP 301
https://jiffybox.df.eu/TS1505889841/js/jquery.ui.selectmenu.js

Request Chain 12

https://admin.jiffybox.de/TS1505889841/js/jquery.tooltip.js HTTP 301
https://jiffybox.df.eu/TS1505889841/js/jquery.tooltip.js

Request Chain 13

https://admin.jiffybox.de/TS1505889841/js/jquery.tablesorter.min.js HTTP 301
https://jiffybox.df.eu/TS1505889841/js/jquery.tablesorter.min.js

Request Chain 14

https://admin.jiffybox.de/TS1505889841/js/jquery.blockUI.min.js HTTP 301
https://jiffybox.df.eu/TS1505889841/js/jquery.blockUI.min.js

Request Chain 15

https://admin.jiffybox.de/TS1508765539/js/ext.js HTTP 301
https://jiffybox.df.eu/TS1508765539/js/ext.js

Request Chain 16

https://admin.jiffybox.de/TS1612169735/js/base.js HTTP 301
https://jiffybox.df.eu/TS1612169735/js/base.js

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 index.php Show response
jiffybox.df.eu/ 6 KB
6 KB 190ms
145ms Document
text/html 188.93.14.4
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL

https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.93.14.4 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

14c27fd1cb054db6478f10cad31322378de6c7d7b14f4742f9011385389d53fa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 20 Jan 2023 11:00:13 GMT
server: nginx/1.20.1
x-frame-options: SAMEORIGIN

GET
H2

200

jquery-ui.css
jiffybox.df.eu/TS1505889841/css/
Redirect Chain

https://admin.jiffybox.de/TS1505889841/css/jquery-ui.css
https://jiffybox.df.eu/TS1505889841/css/jquery-ui.css

35 KB
35 KB

22ms
20ms

Stylesheet
text/css

188.93.14.4
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL

https://jiffybox.df.eu/TS1505889841/css/jquery-ui.css

Requested by

Host: jiffybox.df.eu
URL: https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589

Protocol

Server

188.93.14.4 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

cecf5c59ff7c288bf90cc6221756bd9612464308557b92ca54f27d1cd108f3cd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jiffybox.df.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:13 GMT
last-modified: Wed, 20 Sep 2017 06:44:01 GMT
server: nginx/1.20.1
etag: "59c20e31-8a14"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 35348
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://jiffybox.df.eu/TS1505889841/css/jquery-ui.css
date: Fri, 20 Jan 2023 11:00:13 GMT
server: nginx/1.20.1
content-length: 169
x-frame-options: SAMEORIGIN
content-type: text/html

GET
H2

200

jquery-ui.custom.css
jiffybox.df.eu/TS1508765539/css/
Redirect Chain

https://admin.jiffybox.de/TS1508765539/css/jquery-ui.custom.css
https://jiffybox.df.eu/TS1508765539/css/jquery-ui.custom.css

25 KB
25 KB

30ms
29ms

Stylesheet
text/css

188.93.14.4
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL

https://jiffybox.df.eu/TS1508765539/css/jquery-ui.custom.css

Requested by

Host: jiffybox.df.eu
URL: https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589

Protocol

Server

188.93.14.4 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

11a36a5841c3c244098be63dbbcaa3cb4e034e50a876be77f6296f16e76d7249

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jiffybox.df.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:13 GMT
last-modified: Mon, 23 Oct 2017 13:32:19 GMT
server: nginx/1.20.1
etag: "59edef63-6429"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 25641
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://jiffybox.df.eu/TS1508765539/css/jquery-ui.custom.css
date: Fri, 20 Jan 2023 11:00:13 GMT
server: nginx/1.20.1
content-length: 169
x-frame-options: SAMEORIGIN
content-type: text/html

GET
H2

200

ui.selectmenu.css
jiffybox.df.eu/TS1505889841/css/
Redirect Chain

https://admin.jiffybox.de/TS1505889841/css/ui.selectmenu.css
https://jiffybox.df.eu/TS1505889841/css/ui.selectmenu.css

3 KB
3 KB

31ms
30ms

Stylesheet
text/css

188.93.14.4
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL

https://jiffybox.df.eu/TS1505889841/css/ui.selectmenu.css

Requested by

Host: jiffybox.df.eu
URL: https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589

Protocol

Server

188.93.14.4 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

c252b5da2c75852c9355cea14ea621320d4b194a79bdc0c0b17ed5acf151cbc3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jiffybox.df.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:13 GMT
last-modified: Wed, 20 Sep 2017 06:44:01 GMT
server: nginx/1.20.1
etag: "59c20e31-c81"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3201
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://jiffybox.df.eu/TS1505889841/css/ui.selectmenu.css
date: Fri, 20 Jan 2023 11:00:13 GMT
server: nginx/1.20.1
content-length: 169
x-frame-options: SAMEORIGIN
content-type: text/html

GET
H2

200

jiffysprites.css
jiffybox.df.eu/TS1508765539/css/
Redirect Chain

https://admin.jiffybox.de/TS1508765539/css/jiffysprites.css
https://jiffybox.df.eu/TS1508765539/css/jiffysprites.css

13 KB
13 KB

31ms
30ms

Stylesheet
text/css

188.93.14.4
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL

https://jiffybox.df.eu/TS1508765539/css/jiffysprites.css

Requested by

Host: jiffybox.df.eu
URL: https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589

Protocol

Server

188.93.14.4 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

6411da6fb85fd510f1f25649af59f9fe53b705761c844bab4da681a28f22f0db

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jiffybox.df.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:13 GMT
last-modified: Mon, 23 Oct 2017 13:32:19 GMT
server: nginx/1.20.1
etag: "59edef63-34c5"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 13509
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://jiffybox.df.eu/TS1508765539/css/jiffysprites.css
date: Fri, 20 Jan 2023 11:00:13 GMT
server: nginx/1.20.1
content-length: 169
x-frame-options: SAMEORIGIN
content-type: text/html

GET
H2

200

styles.css
jiffybox.df.eu/TS1508765539/css/
Redirect Chain

https://admin.jiffybox.de/TS1508765539/css/styles.css
https://jiffybox.df.eu/TS1508765539/css/styles.css

15 KB
15 KB

32ms
31ms

Stylesheet
text/css

188.93.14.4
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL

https://jiffybox.df.eu/TS1508765539/css/styles.css

Requested by

Host: jiffybox.df.eu
URL: https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589

Protocol

Server

188.93.14.4 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

5b4a15c3ce7e24865b7dae0a8b8f83b007f050dd8c3b61e924ea1079efbcf185

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jiffybox.df.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:13 GMT
last-modified: Mon, 23 Oct 2017 13:32:19 GMT
server: nginx/1.20.1
etag: "59edef63-3a32"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 14898
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://jiffybox.df.eu/TS1508765539/css/styles.css
date: Fri, 20 Jan 2023 11:00:13 GMT
server: nginx/1.20.1
content-length: 169
x-frame-options: SAMEORIGIN
content-type: text/html

GET
H2

200

controlpanel.css
jiffybox.df.eu/TS1508765539/css/
Redirect Chain

https://admin.jiffybox.de/TS1508765539/css/controlpanel.css
https://jiffybox.df.eu/TS1508765539/css/controlpanel.css

8 KB
9 KB

32ms
31ms

Stylesheet
text/css

188.93.14.4
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL

https://jiffybox.df.eu/TS1508765539/css/controlpanel.css

Requested by

Host: jiffybox.df.eu
URL: https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589

Protocol

Server

188.93.14.4 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

ecda34b6c120f9049d3595ec2999522295ce66bcb320f00e74a9b55e1607eba5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jiffybox.df.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:13 GMT
last-modified: Mon, 23 Oct 2017 13:32:19 GMT
server: nginx/1.20.1
etag: "59edef63-2197"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 8599
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://jiffybox.df.eu/TS1508765539/css/controlpanel.css
date: Fri, 20 Jan 2023 11:00:13 GMT
server: nginx/1.20.1
content-length: 169
x-frame-options: SAMEORIGIN
content-type: text/html

GET
H2

200

https://admin.jiffybox.de/TS1612169735/css/login.css
https://jiffybox.df.eu/TS1612169735/css/login.css

2 KB
3 KB

33ms
32ms

Stylesheet
text/css

188.93.14.4
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL

https://jiffybox.df.eu/TS1612169735/css/login.css

Requested by

Host: jiffybox.df.eu
URL: https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589

Protocol

Server

188.93.14.4 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

11b855b2aeee3fdc979263eb3e293bbe9451c0ce9d29f1d18bdf8a5a823e0b20

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jiffybox.df.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:13 GMT
last-modified: Mon, 01 Feb 2021 08:55:35 GMT
server: nginx/1.20.1
etag: "6017c207-9fc"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2556
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://jiffybox.df.eu/TS1612169735/css/login.css
date: Fri, 20 Jan 2023 11:00:13 GMT
server: nginx/1.20.1
content-length: 169
x-frame-options: SAMEORIGIN
content-type: text/html

GET
H2

200

jquery2.min.js Show response
jiffybox.df.eu/TS1505889841/js/
Redirect Chain

https://admin.jiffybox.de/TS1505889841/js/jquery2.min.js
https://jiffybox.df.eu/TS1505889841/js/jquery2.min.js

82 KB
83 KB

30ms
29ms

Script
application/javascript

188.93.14.4
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL

https://jiffybox.df.eu/TS1505889841/js/jquery2.min.js

Requested by

Host: jiffybox.df.eu
URL: https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589

Protocol

Server

188.93.14.4 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jiffybox.df.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:13 GMT
last-modified: Wed, 20 Sep 2017 06:44:01 GMT
server: nginx/1.20.1
etag: "59c20e31-14979"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 84345
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://jiffybox.df.eu/TS1505889841/js/jquery2.min.js
date: Fri, 20 Jan 2023 11:00:13 GMT
server: nginx/1.20.1
content-length: 169
x-frame-options: SAMEORIGIN
content-type: text/html

GET
H2

200

jquery-migrate-1.2.1.min.js Show response
jiffybox.df.eu/TS1505889841/js/
Redirect Chain

https://admin.jiffybox.de/TS1505889841/js/jquery-migrate-1.2.1.min.js
https://jiffybox.df.eu/TS1505889841/js/jquery-migrate-1.2.1.min.js

7 KB
7 KB

33ms
32ms

Script
application/javascript

188.93.14.4
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL

https://jiffybox.df.eu/TS1505889841/js/jquery-migrate-1.2.1.min.js

Requested by

Host: jiffybox.df.eu
URL: https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589

Protocol

Server

188.93.14.4 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jiffybox.df.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:13 GMT
last-modified: Wed, 20 Sep 2017 06:44:01 GMT
server: nginx/1.20.1
etag: "59c20e31-1c1f"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 7199
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://jiffybox.df.eu/TS1505889841/js/jquery-migrate-1.2.1.min.js
date: Fri, 20 Jan 2023 11:00:13 GMT
server: nginx/1.20.1
content-length: 169
x-frame-options: SAMEORIGIN
content-type: text/html

GET
H2

200

jquery-ui.min.js Show response
jiffybox.df.eu/TS1505889841/js/
Redirect Chain

https://admin.jiffybox.de/TS1505889841/js/jquery-ui.min.js
https://jiffybox.df.eu/TS1505889841/js/jquery-ui.min.js

235 KB
235 KB

31ms
30ms

Script
application/javascript

188.93.14.4
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL

https://jiffybox.df.eu/TS1505889841/js/jquery-ui.min.js

Requested by

Host: jiffybox.df.eu
URL: https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589

Protocol

Server

188.93.14.4 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jiffybox.df.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:13 GMT
last-modified: Wed, 20 Sep 2017 06:44:01 GMT
server: nginx/1.20.1
etag: "59c20e31-3ab2b"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 240427
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://jiffybox.df.eu/TS1505889841/js/jquery-ui.min.js
date: Fri, 20 Jan 2023 11:00:13 GMT
server: nginx/1.20.1
content-length: 169
x-frame-options: SAMEORIGIN
content-type: text/html

GET
H2

200

jquery.ui.selectmenu.js Show response
jiffybox.df.eu/TS1505889841/js/
Redirect Chain

https://admin.jiffybox.de/TS1505889841/js/jquery.ui.selectmenu.js
https://jiffybox.df.eu/TS1505889841/js/jquery.ui.selectmenu.js

25 KB
25 KB

31ms
30ms

Script
application/javascript

188.93.14.4
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL

https://jiffybox.df.eu/TS1505889841/js/jquery.ui.selectmenu.js

Requested by

Host: jiffybox.df.eu
URL: https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589

Protocol

Server

188.93.14.4 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

8243b10aaff7ad9644ba486e42338494b5720a1c99d8166f14c3032c69fae575

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jiffybox.df.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:13 GMT
last-modified: Wed, 20 Sep 2017 06:44:01 GMT
server: nginx/1.20.1
etag: "59c20e31-649e"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 25758
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://jiffybox.df.eu/TS1505889841/js/jquery.ui.selectmenu.js
date: Fri, 20 Jan 2023 11:00:13 GMT
server: nginx/1.20.1
content-length: 169
x-frame-options: SAMEORIGIN
content-type: text/html

GET
H2

200

jquery.tooltip.js Show response
jiffybox.df.eu/TS1505889841/js/
Redirect Chain

https://admin.jiffybox.de/TS1505889841/js/jquery.tooltip.js
https://jiffybox.df.eu/TS1505889841/js/jquery.tooltip.js

8 KB
8 KB

33ms
32ms

Script
application/javascript

188.93.14.4
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL

https://jiffybox.df.eu/TS1505889841/js/jquery.tooltip.js

Requested by

Host: jiffybox.df.eu
URL: https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589

Protocol

Server

188.93.14.4 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

5455146c2e07dbfa783664279b744964227ad9a4e6c3e110b1caffe502d843b4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jiffybox.df.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:13 GMT
last-modified: Wed, 20 Sep 2017 06:44:01 GMT
server: nginx/1.20.1
etag: "59c20e31-200d"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 8205
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://jiffybox.df.eu/TS1505889841/js/jquery.tooltip.js
date: Fri, 20 Jan 2023 11:00:13 GMT
server: nginx/1.20.1
content-length: 169
x-frame-options: SAMEORIGIN
content-type: text/html

GET
H2

200

jquery.tablesorter.min.js Show response
jiffybox.df.eu/TS1505889841/js/
Redirect Chain

https://admin.jiffybox.de/TS1505889841/js/jquery.tablesorter.min.js
https://jiffybox.df.eu/TS1505889841/js/jquery.tablesorter.min.js

16 KB
16 KB

34ms
33ms

Script
application/javascript

188.93.14.4
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL

https://jiffybox.df.eu/TS1505889841/js/jquery.tablesorter.min.js

Requested by

Host: jiffybox.df.eu
URL: https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589

Protocol

Server

188.93.14.4 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

021b42a30a7a1f340211764fd0175b935260f4f118b71f3f8d991f1c98176367

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jiffybox.df.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:13 GMT
last-modified: Wed, 20 Sep 2017 06:44:01 GMT
server: nginx/1.20.1
etag: "59c20e31-40ee"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 16622
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://jiffybox.df.eu/TS1505889841/js/jquery.tablesorter.min.js
date: Fri, 20 Jan 2023 11:00:13 GMT
server: nginx/1.20.1
content-length: 169
x-frame-options: SAMEORIGIN
content-type: text/html

GET
H2

200

jquery.blockUI.min.js Show response
jiffybox.df.eu/TS1505889841/js/
Redirect Chain

https://admin.jiffybox.de/TS1505889841/js/jquery.blockUI.min.js
https://jiffybox.df.eu/TS1505889841/js/jquery.blockUI.min.js

9 KB
9 KB

35ms
34ms

Script
application/javascript

188.93.14.4
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL

https://jiffybox.df.eu/TS1505889841/js/jquery.blockUI.min.js

Requested by

Host: jiffybox.df.eu
URL: https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589

Protocol

Server

188.93.14.4 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

806aedff52ac822f2adc5797073e1e5c5cec32eb9f15f2319cb32a347dcd232b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jiffybox.df.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:13 GMT
last-modified: Wed, 20 Sep 2017 06:44:01 GMT
server: nginx/1.20.1
etag: "59c20e31-242e"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 9262
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://jiffybox.df.eu/TS1505889841/js/jquery.blockUI.min.js
date: Fri, 20 Jan 2023 11:00:13 GMT
server: nginx/1.20.1
content-length: 169
x-frame-options: SAMEORIGIN
content-type: text/html

GET
H2

200

ext.js Show response
jiffybox.df.eu/TS1508765539/js/
Redirect Chain

https://admin.jiffybox.de/TS1508765539/js/ext.js
https://jiffybox.df.eu/TS1508765539/js/ext.js

36 KB
36 KB

35ms
34ms

Script
application/javascript

188.93.14.4
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL

https://jiffybox.df.eu/TS1508765539/js/ext.js

Requested by

Host: jiffybox.df.eu
URL: https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589

Protocol

Server

188.93.14.4 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

b15656fa6a0e72817bcb55e74892c02cf6a33894ca8ee8decc23d25b771aa142

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jiffybox.df.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:13 GMT
last-modified: Mon, 23 Oct 2017 13:32:19 GMT
server: nginx/1.20.1
etag: "59edef63-8f71"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 36721
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://jiffybox.df.eu/TS1508765539/js/ext.js
date: Fri, 20 Jan 2023 11:00:13 GMT
server: nginx/1.20.1
content-length: 169
x-frame-options: SAMEORIGIN
content-type: text/html

GET
H2

200

base.js Show response
jiffybox.df.eu/TS1612169735/js/
Redirect Chain

https://admin.jiffybox.de/TS1612169735/js/base.js
https://jiffybox.df.eu/TS1612169735/js/base.js

38 KB
38 KB

35ms
35ms

Script
application/javascript

188.93.14.4
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL

https://jiffybox.df.eu/TS1612169735/js/base.js

Requested by

Host: jiffybox.df.eu
URL: https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589

Protocol

Server

188.93.14.4 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

96272928248e137a9b276fdddb6417fbadbd366da1e068ead34ea7a1b13e381f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jiffybox.df.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:13 GMT
last-modified: Mon, 01 Feb 2021 08:55:35 GMT
server: nginx/1.20.1
etag: "6017c207-972a"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 38698
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location: https://jiffybox.df.eu/TS1612169735/js/base.js
date: Fri, 20 Jan 2023 11:00:13 GMT
server: nginx/1.20.1
content-length: 169
x-frame-options: SAMEORIGIN
content-type: text/html

GET
H2 200 logo16.svg
jiffybox.df.eu/images/ 3 KB
3 KB 9ms
8ms Image
image/svg+xml 188.93.14.4
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jiffybox.df.eu/images/logo16.svg

Requested by

Host: jiffybox.df.eu
URL: https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.93.14.4 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

044c393307c5fa50acd0ad4fc51533bedc5df3e56e1ff6ae67a99893c2ae6303

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:13 GMT
last-modified: Wed, 20 Sep 2017 06:44:01 GMT
server: nginx/1.20.1
etag: "59c20e31-c8f"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 3215

GET
H2 200 tr
www.facebook.com/ 0
185 B 63ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=627600847358004&ev=PixelInitialized

Requested by

Host: jiffybox.df.eu
URL: https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jiffybox.df.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 20 Jan 2023 11:00:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 busy.gif
jiffybox.df.eu/images/ 771 B
974 B 8ms
8ms Image
image/gif 188.93.14.4
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jiffybox.df.eu/images/busy.gif

Requested by

Host: jiffybox.df.eu
URL: https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.93.14.4 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:13 GMT
last-modified: Wed, 20 Sep 2017 06:44:01 GMT
server: nginx/1.20.1
etag: "59c20e31-303"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 771
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/gpl/domfactory/prod/ 31 KB
10 KB 94ms
22ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/gpl/domfactory/prod/utag.js
Requested by: Host: jiffybox.df.eu
URL: https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5da36a13e2f5f872f80692a0736c2cf42d720b292f0f9beeaec3a61633bccbb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jiffybox.df.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:13 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 09:21:46 GMT
server: AkamaiNetStorage
etag: "7f051ee9903a178b3196e2d06bea9c84:1663838506.225407"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 9910
expires: Fri, 20 Jan 2023 11:05:13 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 13ms
13ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=gpl/domfactory/202209220921&cb=1674212413615
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/gpl/domfactory/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jiffybox.df.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:13 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Fri, 20 Jan 2023 11:10:13 GMT

GET
H2 200 Primary Request / Show response
sso.df.eu/ 8 KB
2 KB 401ms
93ms Document
text/html 2a02:26f0:dc::6853:420
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sso.df.eu/?app=jb&realm=idp
Requested by: Host: jiffybox.df.eu
URL: https://jiffybox.df.eu/index.php?module=rechnungen&action=getPDF&rid=32427589
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:420 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3cb6a2a2af91cd35b8249b31c9256e54f5b88d66a1dd5dca2f72ab7fed0aaf97

Request headers

Referer: https://jiffybox.df.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-length: 1633
content-type: text/html
date: Fri, 20 Jan 2023 11:00:14 GMT
etag: W/"63742bf8-213b"
last-modified: Wed, 16 Nov 2022 00:16:56 GMT
server: nginx
vary: Accept-Encoding
x-brand-proxy-time: 2023-01-20T11:00:14+00:00

GET
H2 200 4.main.ce7aea3c50b8bde0b8a5.css
sso.df.eu/ 4 KB
2 KB 22ms
21ms Stylesheet
text/css 2a02:26f0:dc::6853:420
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sso.df.eu/4.main.ce7aea3c50b8bde0b8a5.css
Requested by: Host: sso.df.eu
URL: https://sso.df.eu/?app=jb&realm=idp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:420 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3472dba71ebed87c3f5f2f032ab970406655ca16c9da26056fff8da5d6c0903e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.df.eu/?app=jb&realm=idp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: public
date: Fri, 20 Jan 2023 11:00:14 GMT
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 00:16:56 GMT
server: nginx
x-brand-proxy-time: 2022-12-05T20:13:29+00:00
etag: W/"63742bf8-10bd"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=47242
content-length: 1516
expires: Sat, 21 Jan 2023 00:07:36 GMT

GET
H2 200 config.js Show response
sso.df.eu/static/ 226 B
365 B 22ms
21ms Script
application/javascript 2a02:26f0:dc::6853:420
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sso.df.eu/static/config.js?41d92a85d99557b7e448
Requested by: Host: sso.df.eu
URL: https://sso.df.eu/?app=jb&realm=idp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:420 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 196e43bdacfa03cf170bb732c534b46f57000706f52d10353ce736d1d7106370

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.df.eu/?app=jb&realm=idp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:14 GMT
content-encoding: gzip
server: nginx
x-brand-proxy-time: 2023-01-19T21:05:08+00:00
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=36266
content-length: 183
expires: Fri, 20 Jan 2023 21:04:40 GMT

GET
H2 200 runtime.fd7a53f73be02743d6fb.bundle.js Show response
sso.df.eu/static/ 5 KB
2 KB 23ms
22ms Script
application/javascript 2a02:26f0:dc::6853:420
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sso.df.eu/static/runtime.fd7a53f73be02743d6fb.bundle.js
Requested by: Host: sso.df.eu
URL: https://sso.df.eu/?app=jb&realm=idp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:420 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: beb035cb53aa7f6769333d969243c717b9362f856af777babe4d9547a7ab11c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.df.eu/?app=jb&realm=idp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: public
date: Fri, 20 Jan 2023 11:00:14 GMT
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 00:16:56 GMT
server: nginx
x-brand-proxy-time: 2022-12-06T00:59:15+00:00
etag: W/"63742bf8-132b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=47131
content-length: 2026
expires: Sat, 21 Jan 2023 00:05:45 GMT

GET
H2 200 4.1c986301cc58a43587d7.chunk.js Show response
sso.df.eu/static/ 1 MB
369 KB 23ms
23ms Script
application/javascript 2a02:26f0:dc::6853:420
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sso.df.eu/static/4.1c986301cc58a43587d7.chunk.js
Requested by: Host: sso.df.eu
URL: https://sso.df.eu/?app=jb&realm=idp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:420 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 75ef9cbb7d3fd9104a2fd8f77088c0238ee569fb6b4dedf0c8559c9cd0ea8f93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.df.eu/?app=jb&realm=idp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: public
date: Fri, 20 Jan 2023 11:00:14 GMT
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 00:16:56 GMT
server: nginx
x-brand-proxy-time: 2022-12-06T02:30:26+00:00
etag: W/"63742bf8-151615"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=44072
content-length: 376884
expires: Fri, 20 Jan 2023 23:14:46 GMT

POST
H2 200 brand-pilot Show response
sso.df.eu/api/ 4 KB
2 KB 58ms
57ms Fetch
application/json 2a02:26f0:dc::6853:420
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sso.df.eu/api/brand-pilot
Requested by: Host: sso.df.eu
URL: https://sso.df.eu/static/4.1c986301cc58a43587d7.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:420 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx / PHP/8.1.12, PHP/7.4.22
Resource Hash: bc446a3a7fbe7f036d0e4d5240339e50fcdb4fbb1cd451788856edfc4ac01f5e

Request headers

Referer: https://sso.df.eu/?app=jb&realm=idp
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 20 Jan 2023 11:00:15 GMT
content-encoding: gzip
server: nginx
x-brand-proxy-time: 2023-01-20T11:00:15+00:00
x-powered-by: PHP/8.1.12, PHP/7.4.22
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache, private
content-length: 1658

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 107ms
43ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow:500|Noto+Sans:400&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b0650773883fe6c14d49843bbee4dec9f5ffcc19e687e3174f4dfad05af58314

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.df.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Jan 2023 11:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 Jan 2023 11:00:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Jan 2023 11:00:15 GMT

GET
H2 200 314053f5-0092-496c-b899-e9923f4b4f05 Show response
sso.df.eu/api/lexicon/ 56 KB
14 KB 47ms
47ms Fetch
application/json 2a02:26f0:dc::6853:420
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sso.df.eu/api/lexicon/314053f5-0092-496c-b899-e9923f4b4f05?locales%5B0%5D=de-de&locales%5B1%5D=de&scopes%5B0%5D=sso&scopes%5B1%5D=bks&scopes%5B2%5D=ux&scopes%5B3%5D=country&flat=true
Requested by: Host: sso.df.eu
URL: https://sso.df.eu/static/4.1c986301cc58a43587d7.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:420 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx / Express
Resource Hash: 234bf5464060174c1a927ba0ab1d758a7e7fa8444579b0cdaac4e34320746d51

Request headers

Referer: https://sso.df.eu/?app=jb&realm=idp
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 20 Jan 2023 11:00:15 GMT
content-encoding: gzip
server: nginx
x-brand-proxy-time: 2023-01-20T11:00:15+00:00
x-powered-by: Express
etag: W/"e076-SCvnAK8cPlub1PnGaapem2Ao2YQ"
vary: Accept-Encoding
x-hostname: lexicon-api-prod-44-qxr5d
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 13697

GET
H2 200 de.js Show response
cdn.heg-cp.com/react-intl@2.9.0/locale-data/ 3 KB
826 B 168ms
18ms Script
application/javascript 2a02:26f0:dc::6853:43a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heg-cp.com/react-intl@2.9.0/locale-data/de.js
Requested by: Host: sso.df.eu
URL: https://sso.df.eu/static/4.1c986301cc58a43587d7.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:43a Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Resource Optimizer /
Resource Hash: a81932c28ef26ac14ff4ff84ae4447fd57478d48b768d2bb51d000cf505aebbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.df.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:15 GMT
content-encoding: br
last-modified: Sun, 15 Jan 2023 04:34:06 GMT
server: Akamai Resource Optimizer
etag: "73800695f6aa49a3a9a3ba5caaae457f:1568633234.803384"
content-type: application/javascript
cache-control: max-age=8640000
accept-ranges: bytes
content-length: 606
expires: Sun, 30 Apr 2023 11:00:15 GMT

GET
H2 200 0.b83a0f7a22f1ee6c89c1.chunk.js Show response
sso.df.eu/static/ 23 KB
7 KB 23ms
18ms Script
application/javascript 2a02:26f0:dc::6853:420
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sso.df.eu/static/0.b83a0f7a22f1ee6c89c1.chunk.js
Requested by: Host: sso.df.eu
URL: https://sso.df.eu/static/runtime.fd7a53f73be02743d6fb.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:420 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: da93548de2dae57de03dd49c275a129334f08709291e9c661bfb1be3389c6d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.df.eu/?app=jb&realm=idp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: public
date: Fri, 20 Jan 2023 11:00:15 GMT
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 00:16:56 GMT
server: nginx
x-brand-proxy-time: 2022-12-05T20:07:34+00:00
etag: W/"63742bf8-5aea"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=35991
content-length: 6592
expires: Fri, 20 Jan 2023 21:00:06 GMT

GET
H2 200 2.da83a4d81ec0dfe44dc0.chunk.js Show response
sso.df.eu/static/ 19 KB
6 KB 23ms
19ms Script
application/javascript 2a02:26f0:dc::6853:420
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sso.df.eu/static/2.da83a4d81ec0dfe44dc0.chunk.js
Requested by: Host: sso.df.eu
URL: https://sso.df.eu/static/runtime.fd7a53f73be02743d6fb.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:420 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: da31cd2d9992150b67b94ba451db96a3cb1257db036f10ef5d5c0d2300899bf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.df.eu/?app=jb&realm=idp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: public
date: Fri, 20 Jan 2023 11:00:15 GMT
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 00:16:56 GMT
server: nginx
x-brand-proxy-time: 2022-12-06T04:43:08+00:00
etag: W/"63742bf8-4ab1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=20406
content-length: 5939
expires: Fri, 20 Jan 2023 16:40:21 GMT

GET
H2 200 20.63cbdddcfc7ff3b8611e.chunk.js Show response
sso.df.eu/static/ 1 KB
873 B 24ms
20ms Script
application/javascript 2a02:26f0:dc::6853:420
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sso.df.eu/static/20.63cbdddcfc7ff3b8611e.chunk.js
Requested by: Host: sso.df.eu
URL: https://sso.df.eu/static/runtime.fd7a53f73be02743d6fb.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:420 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c7bafeef8a930097a92ebabcce29bae8e6d17f609ad90086625e49bf33552487

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.df.eu/?app=jb&realm=idp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: public
date: Fri, 20 Jan 2023 11:00:15 GMT
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 00:16:56 GMT
server: nginx
x-brand-proxy-time: 2022-12-06T01:31:02+00:00
etag: W/"63742bf8-4ee"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=54515
content-length: 628
expires: Sat, 21 Jan 2023 02:08:50 GMT

GET
H2 200 Logo_DF_white_outline.svg
img1.wsimg.com/cdn/Image/All/FOS-Intl/1/en-US/d7b51ce3-22b3-498e-b7df-91db95b8155a/ 3 KB
2 KB 318ms
22ms Image
image/svg+xml 23.36.163.236
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img1.wsimg.com/cdn/Image/All/FOS-Intl/1/en-US/d7b51ce3-22b3-498e-b7df-91db95b8155a/Logo_DF_white_outline.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.236 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-236.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 10c5cd11e9faa3d4e14064232bf481656c143079d101bae3b5b9e15fe17d8ac0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.df.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:15 GMT
content-encoding: gzip
x-amz-request-id: tx000000000000008d19fb4-0060593fc4-1e16f0d63-default
content-disposition: inline; filename=Logo_DF_white_outline.svg
content-length: 1509
x-amz-meta-originalfilename: Logo_DF_white_outline.svg
last-modified: Wed, 08 Jul 2020 09:50:59 GMT
etag: "c507c5d1304ecae798319b35f12ac7a6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-datemodified: 2020-07-08T02:50:42.638Z
x-rgw-object-type: Normal
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 11:00:15 GMT

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 887 B
1001 B 362ms
43ms Script
text/javascript 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?render=6LdGLJIUAAAAAH1DUhRDwCV5orvTaawvNM7Ocvws&hl=en

Requested by

Host: sso.df.eu
URL: https://sso.df.eu/static/4.1c986301cc58a43587d7.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

74cbe7b1cc2f0307ce7f89d9027027bf2346a10863c14b58e56f466f74b8b551

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.df.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 588
x-xss-protection: 1; mode=block
expires: Fri, 20 Jan 2023 11:00:15 GMT

GET
H2 200 photo-1505032482520-8588249459d6
images.unsplash.com/ 58 KB
59 KB 103ms
17ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unsplash.com/photo-1505032482520-8588249459d6?ixlib=rb-1.2.1&ixid=eyJhcHBfaWQiOjEyMDd9&auto=format&fit=crop&w=1354&q=80

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

2b3b97dd23af298b536f3a3d1de4dccf701e18573b13986ac89cd74f14f6860b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.df.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:15 GMT
x-content-type-options: nosniff
age: 6302664
x-cache: HIT, HIT
x-imgix-id: 549d986d717d8356fe221c056a22da4e3a90c156
cross-origin-resource-policy: cross-origin
content-length: 59649
x-served-by: cache-sjc10026-SJC, cache-hhn-etou8220047-HHN
x-imgix-render-farm: 01.1096
last-modified: Tue, 08 Nov 2022 12:15:51 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ 13 KB
13 KB 96ms
21ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:500|Noto+Sans:400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sso.df.eu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 21:01:51 GMT
x-content-type-options: nosniff
age: 309504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12860
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jan 2024 21:01:51 GMT

GET
H2 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ 20 KB
21 KB 22ms
21ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:500|Noto+Sans:400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sso.df.eu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 17:27:47 GMT
x-content-type-options: nosniff
age: 235948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20960
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:18:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jan 2024 17:27:47 GMT

GET
H2 200 eye.svg
paintbrush.heg-cp.com/glyphs/ 399 B
506 B 222ms
26ms Image
image/svg+xml 2a02:26f0:11a::5f65:1730
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paintbrush.heg-cp.com/glyphs/eye.svg?colors=rgba%2840%2C%2040%2C%2040%2C%200.85%29
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::5f65:1730 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / Express
Resource Hash: 67361fe21674e3cbd0c538ce93b8ccbd3fe75f8a8db55e0e1398204cdc69da34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.df.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:15 GMT
content-encoding: gzip
x-powered-by: Express
etag: "18f-aLoVBe4tlCPbbNBsNeZgSl0LHfA"
vary: Accept-Encoding
content-type: image/svg+xml; charset=utf-8
cache-control: private, max-age=93627
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 259
expires: Sat, 21 Jan 2023 13:00:42 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/ 401 KB
161 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6LdGLJIUAAAAAH1DUhRDwCV5orvTaawvNM7Ocvws&hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b3e6d9ed5dd1f0d2c611513d27ab4a4377757fb0b7804af25f11a656e5094dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sso.df.eu/
Origin: https://sso.df.eu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 04:44:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 163892
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 01:02:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Jan 2024 04:44:22 GMT

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame A159 42 KB
22 KB 55ms
54ms Document
text/html 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdGLJIUAAAAAH1DUhRDwCV5orvTaawvNM7Ocvws&co=aHR0cHM6Ly9zc28uZGYuZXU6NDQz&hl=en&v=Gg72x2_SHmxi8X0BLo33HMpr&size=invisible&cb=7xq9xnn68ked

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

55dfb0ad92533d6cb8945a876465ff853c241cfc8c50b187232b0ba3fdd47c83

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-knVX0UB32SBQRYOEzDBR6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sso.df.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22462
content-security-policy: script-src 'report-sample' 'nonce-knVX0UB32SBQRYOEzDBR6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 20 Jan 2023 11:00:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/ Frame A159 52 KB
24 KB 23ms
8ms Stylesheet
text/css 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdGLJIUAAAAAH1DUhRDwCV5orvTaawvNM7Ocvws&co=aHR0cHM6Ly9zc28uZGYuZXU6NDQz&hl=en&v=Gg72x2_SHmxi8X0BLo33HMpr&size=invisible&cb=7xq9xnn68ked

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 15:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 01:02:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jan 2024 15:35:56 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/ Frame A159 401 KB
160 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b3e6d9ed5dd1f0d2c611513d27ab4a4377757fb0b7804af25f11a656e5094dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 04:44:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 163892
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 01:02:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Jan 2024 04:44:22 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A159 2 KB
2 KB 8ms
8ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 18:59:47 GMT
x-content-type-options: nosniff
age: 230429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 24 Jan 2023 18:59:47 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A159 15 KB
15 KB 21ms
20ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 12:46:16 GMT
x-content-type-options: nosniff
age: 80040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jan 2024 12:46:16 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A159 15 KB
15 KB 24ms
23ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 03:11:30 GMT
x-content-type-options: nosniff
age: 28126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 03:11:30 GMT

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/api2/ Frame A159 102 B
134 B 44ms
43ms Other
text/javascript 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=Gg72x2_SHmxi8X0BLo33HMpr

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8eb3bfd91a1144cf7f20c5ddd6383097d0f206537bfc2575a7ac5f4acf0cee80

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdGLJIUAAAAAH1DUhRDwCV5orvTaawvNM7Ocvws&co=aHR0cHM6Ly9zc28uZGYuZXU6NDQz&hl=en&v=Gg72x2_SHmxi8X0BLo33HMpr&size=invisible&cb=7xq9xnn68ked
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 11:00:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 20 Jan 2023 11:00:16 GMT

POST
H2 202 events Show response
sso.df.eu/api/apm/intake/v2/rum/ 0
370 B 201ms
149ms Fetch 2a02:26f0:dc::6853:420
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.df.eu/api/apm/intake/v2/rum/events

Requested by

Host: sso.df.eu
URL: https://sso.df.eu/static/4.1c986301cc58a43587d7.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:420 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Content-Encoding: gzip
Referer: https://sso.df.eu/?app=jb&realm=idp
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-ndjson

Response headers

date: Fri, 20 Jan 2023 11:00:16 GMT
x-content-type-options: nosniff
server: nginx
x-found-handling-instance: instance-0000000006
x-found-handling-cluster: bebaf4960ddf47db87f7ddc18fb69039
access-control-allow-origin: https://sso.df.eu
x-cloud-request-id: jfQgGQewSQWBVAloRN25dQ
content-length: 0

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.df.eu/	1970-01-20 11:13:08	Name: OPTOUTMULTI Value: 0:0%7Cc2:1%7Cc1:1%7Cc4:1%7Cc3:1
.df.eu/	1970-01-20 17:49:08	Name: utag_main Value: _sn:1$_se:1$_ss:1$_st:1674214213609$ses_id:1674212413609%3Bexp-session$_pn:1%3Bexp-session
sso.df.eu/	1969-12-31 23:59:59	Name: 64b6cf3733c6a9e9a72ec6699102fd42 Value: 974a1de3d9dde0b77ca3d9aa9988683b
.df.eu/	1970-01-20 17:49:08	Name: brand_id Value: 314053f5-0092-496c-b899-e9923f4b4f05
.df.eu/	1970-01-20 17:49:08	Name: market Value: DE
sso.df.eu/	1969-12-31 23:59:59	Name: a224c98e147789ffa0bd16bc04dfad24 Value: cdc0793c7f81d2a413f8ed905e9cf0ed
sso.df.eu/	1970-01-20 09:46:44	Name: bpt_Seed Value: 34409
sso.df.eu/	1969-12-31 23:59:59	Name: bpt_experiment_id Value: {}
.df.eu/	1969-12-31 23:59:59	Name: ux-language-preferred Value: de-de
.unsplash.com/	1970-01-20 17:49:08	Name: ugid Value: 9bc25ec1c32e71fc33ca5d906c91d7365580708

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.jiffybox.de
cdn.heg-cp.com
fonts.googleapis.com
fonts.gstatic.com
images.unsplash.com
img1.wsimg.com
jiffybox.df.eu
paintbrush.heg-cp.com
sso.df.eu
tags.tiqcdn.com
www.facebook.com
www.gstatic.com
www.recaptcha.net
104.75.88.194
188.93.14.2
188.93.14.4
23.36.163.236
2a00:1450:4001:806::2003
2a00:1450:400d:808::2003
2a00:1450:400d:808::200a
2a00:1450:400d:80a::2003
2a02:26f0:11a::5f65:1730
2a02:26f0:dc::6853:420
2a02:26f0:dc::6853:43a
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:8e::720
021b42a30a7a1f340211764fd0175b935260f4f118b71f3f8d991f1c98176367
044c393307c5fa50acd0ad4fc51533bedc5df3e56e1ff6ae67a99893c2ae6303
10c5cd11e9faa3d4e14064232bf481656c143079d101bae3b5b9e15fe17d8ac0
11a36a5841c3c244098be63dbbcaa3cb4e034e50a876be77f6296f16e76d7249
11b855b2aeee3fdc979263eb3e293bbe9451c0ce9d29f1d18bdf8a5a823e0b20
14c27fd1cb054db6478f10cad31322378de6c7d7b14f4742f9011385389d53fa
196e43bdacfa03cf170bb732c534b46f57000706f52d10353ce736d1d7106370
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
234bf5464060174c1a927ba0ab1d758a7e7fa8444579b0cdaac4e34320746d51
2b3b97dd23af298b536f3a3d1de4dccf701e18573b13986ac89cd74f14f6860b
3472dba71ebed87c3f5f2f032ab970406655ca16c9da26056fff8da5d6c0903e
3cb6a2a2af91cd35b8249b31c9256e54f5b88d66a1dd5dca2f72ab7fed0aaf97
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
5455146c2e07dbfa783664279b744964227ad9a4e6c3e110b1caffe502d843b4
55dfb0ad92533d6cb8945a876465ff853c241cfc8c50b187232b0ba3fdd47c83
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b4a15c3ce7e24865b7dae0a8b8f83b007f050dd8c3b61e924ea1079efbcf185
5da36a13e2f5f872f80692a0736c2cf42d720b292f0f9beeaec3a61633bccbb4
6411da6fb85fd510f1f25649af59f9fe53b705761c844bab4da681a28f22f0db
67361fe21674e3cbd0c538ce93b8ccbd3fe75f8a8db55e0e1398204cdc69da34
6b3e6d9ed5dd1f0d2c611513d27ab4a4377757fb0b7804af25f11a656e5094dd
74cbe7b1cc2f0307ce7f89d9027027bf2346a10863c14b58e56f466f74b8b551
75ef9cbb7d3fd9104a2fd8f77088c0238ee569fb6b4dedf0c8559c9cd0ea8f93
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
806aedff52ac822f2adc5797073e1e5c5cec32eb9f15f2319cb32a347dcd232b
81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4
8243b10aaff7ad9644ba486e42338494b5720a1c99d8166f14c3032c69fae575
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
8eb3bfd91a1144cf7f20c5ddd6383097d0f206537bfc2575a7ac5f4acf0cee80
96272928248e137a9b276fdddb6417fbadbd366da1e068ead34ea7a1b13e381f
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a81932c28ef26ac14ff4ff84ae4447fd57478d48b768d2bb51d000cf505aebbe
b0650773883fe6c14d49843bbee4dec9f5ffcc19e687e3174f4dfad05af58314
b15656fa6a0e72817bcb55e74892c02cf6a33894ca8ee8decc23d25b771aa142
bc446a3a7fbe7f036d0e4d5240339e50fcdb4fbb1cd451788856edfc4ac01f5e
beb035cb53aa7f6769333d969243c717b9362f856af777babe4d9547a7ab11c3
c252b5da2c75852c9355cea14ea621320d4b194a79bdc0c0b17ed5acf151cbc3
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c7bafeef8a930097a92ebabcce29bae8e6d17f609ad90086625e49bf33552487
cecf5c59ff7c288bf90cc6221756bd9612464308557b92ca54f27d1cd108f3cd
da31cd2d9992150b67b94ba451db96a3cb1257db036f10ef5d5c0d2300899bf7
da93548de2dae57de03dd49c275a129334f08709291e9c661bfb1be3389c6d80
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecda34b6c120f9049d3595ec2999522295ce66bcb320f00e74a9b55e1607eba5
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

sso.df.eu Open in urlscan Pro 2a02:26f0:dc::6853:420 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

67 %HTTPS

69 %IPv6

10 Domains

13 Subdomains

12 IPs

4 Countries

1484 kBTransfer

3099 kBSize

10 Cookies

4 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sso.df.eu Open in urlscan Pro
2a02:26f0:dc::6853:420 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

67 %
HTTPS

69 %
IPv6

10
Domains

13
Subdomains

12
IPs

4
Countries

1484 kB
Transfer

3099 kB
Size

10
Cookies

49 HTTP transactions
0 data transactions