urlscan.io logo urlscan.io
SecurityTrails logo

admin.df.eu Open in urlscan Pro
192.124.249.168  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://kerstin-birke.de/
Effective URL: https://admin.df.eu/kunde/index.php?into=appsuite
Submission: On April 28 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 2 domains to perform 8 HTTP transactions. The main IP is 192.124.249.168, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is admin.df.eu.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on April 5th 2023. Valid for: a year.
This is the only time admin.df.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a00:1158:5:4... 8972 (GD-EMEA-D...)
1 1 134.119.228.27 34011 (GD-EMEA-D...)
1 192.124.249.168 30148 (SUCURI-SEC)
4 192.124.249.103 30148 (SUCURI-SEC)
3 192.124.249.119 30148 (SUCURI-SEC)
8 4
1    2a00:1158:5:4b5:: (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)
kerstin-birke.de
1    134.119.228.27 (Cologne, Germany)

ASN34011 (GD-EMEA-DC-CGN1, DE)
webmail.df.eu
1    192.124.249.168 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10168.sucuri.net
admin.df.eu
4    192.124.249.103 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10103.sucuri.net
css-admin.df.eu
3    192.124.249.119 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10119.sucuri.net
js-admin.df.eu
Apex Domain
Subdomains		 Transfer
9 df.eu
webmail.df.eu
admin.df.eu
css-admin.df.eu
js-admin.df.eu
740 KB
1 kerstin-birke.de
kerstin-birke.de
232 B
8 2
Domain Requested by
4 css-admin.df.eu admin.df.eu
css-admin.df.eu
3 js-admin.df.eu admin.df.eu
1 admin.df.eu
1 webmail.df.eu 1 redirects
1 kerstin-birke.de 1 redirects
8 5

This site contains links to these domains. Also see Links.

Domain
www.df.eu
status.df.eu
sso.df.eu
sso.secureserver.net
login.microsoftonline.com
Subject Issuer Validity Valid
admin.df.eu
Starfield Secure Certificate Authority - G2		 2023-04-05 -
2024-04-05		 a year crt.sh
*.df.eu
Go Daddy Secure Certificate Authority - G2		 2022-12-09 -
2024-01-10		 a year crt.sh

This page contains 1 frames:

Primary Page: https://admin.df.eu/kunde/index.php?into=appsuite
Frame ID: 906BC02371A93BCC07904E7FBE6239A8
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login Webmail | DomainFactory

Page URL History Show full URLs

  1. http://kerstin-birke.de/ HTTP 302
    https://webmail.df.eu/roundcube/ HTTP 301
    https://admin.df.eu/kunde/index.php?into=appsuite Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

8
Requests

100 %
HTTPS

20 %
IPv6

2
Domains

5
Subdomains

4
IPs

3
Countries

740 kB
Transfer

806 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kerstin-birke.de/ HTTP 302
    https://webmail.df.eu/roundcube/ HTTP 301
    https://admin.df.eu/kunde/index.php?into=appsuite Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
admin.df.eu/kunde/
Redirect Chain
  • http://kerstin-birke.de/
  • https://webmail.df.eu/roundcube/
  • https://admin.df.eu/kunde/index.php?into=appsuite
66 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://admin.df.eu/kunde/index.php?into=appsuite
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.168 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10168.sucuri.net
Software
nginx /
Resource Hash
eba541fe62477809a6d7c0e6c6b0f4806f44e9645f3e5435c6ef0f6e35225866
Security Headers
Name Value
Content-Security-Policy default-src https:; img-src https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; font-src data: https:; frame-ancestors 'self'; default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu
Strict-Transport-Security max-age=3153600; includeSubDomains; preload; max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, must-revalidate
content-encoding
gzip
content-length
31760
content-security-policy
default-src https:; img-src https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; font-src data: https:; frame-ancestors 'self'; default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu
content-type
text/html; charset=UTF-8
date
Fri, 28 Apr 2023 07:11:16 GMT
etag
"df-f27527cd26b95ff4acbd914a9ccba26e"
referrer-policy
strict-origin-when-cross-origin no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=3153600; includeSubDomains; preload; max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-sucuri-cache
MISS
x-sucuri-id
15018
x-ua-compatible
IE=Edge,chrome=IE8
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
257
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 28 Apr 2023 07:11:15 GMT
Keep-Alive
timeout=5, max=100
Location
https://admin.df.eu/kunde/index.php?into=appsuite
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
df_lib-min.css
css-admin.df.eu/TS1682320239/ 		242 KB
243 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://css-admin.df.eu/TS1682320239/df_lib-min.css
Requested by
Host: admin.df.eu
URL: https://admin.df.eu/kunde/index.php?into=appsuite
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.103 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
nginx /
Resource Hash
c932e6b6fc08e515333775351da5433ef8481a84679e08000f9eed874852b949
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.df.eu/kunde/index.php?into=appsuite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 07:11:16 GMT
content-security-policy
upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-sucuri-cache
HIT
content-length
248131
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 24 Apr 2023 07:10:40 GMT
server
nginx
etag
"64462b70-3c943"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
15003
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
startauftrag-min.css
css-admin.df.eu/TS1682320234/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://css-admin.df.eu/TS1682320234/startauftrag-min.css
Requested by
Host: admin.df.eu
URL: https://admin.df.eu/kunde/index.php?into=appsuite
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.103 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.df.eu/kunde/index.php?into=appsuite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 07:11:16 GMT
content-security-policy
upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-sucuri-cache
HIT
content-length
547
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 24 Apr 2023 07:10:34 GMT
server
nginx
etag
"64462b6a-223"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
15003
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-min.js
js-admin.df.eu/TS1682320234/ 		88 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-admin.df.eu/TS1682320234/jquery-min.js
Requested by
Host: admin.df.eu
URL: https://admin.df.eu/kunde/index.php?into=appsuite
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
eb6698f0ed8707f0f24d355197f9cb0b634ecc3d69945e663d5048837b959a73
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.df.eu/kunde/index.php?into=appsuite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 07:11:16 GMT
content-security-policy
upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-sucuri-cache
HIT
content-length
89627
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 24 Apr 2023 07:10:37 GMT
server
nginx
etag
"64462b6d-15e1b"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
15019
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
df_lib-min.js
js-admin.df.eu/TS1682320237/ 		316 KB
317 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-admin.df.eu/TS1682320237/df_lib-min.js
Requested by
Host: admin.df.eu
URL: https://admin.df.eu/kunde/index.php?into=appsuite
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
3095e846c5b3769a8e458e9389e7071764536d9fab689eb65e1b5094de50d960
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.df.eu/kunde/index.php?into=appsuite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 07:11:16 GMT
content-security-policy
upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-sucuri-cache
HIT
content-length
323646
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 24 Apr 2023 07:10:40 GMT
server
nginx
etag
"64462b70-4f03e"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
15019
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
modernizr-min.js
js-admin.df.eu/TS1682320240/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-admin.df.eu/TS1682320240/modernizr-min.js
Requested by
Host: admin.df.eu
URL: https://admin.df.eu/kunde/index.php?into=appsuite
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.119 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10119.sucuri.net
Software
nginx /
Resource Hash
2cc9e2f409d415dfbc676a9433a18598dc0b608dc99f22edea393655b73b5084
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.df.eu/kunde/index.php?into=appsuite
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 07:11:16 GMT
content-security-policy
upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-sucuri-cache
HIT
content-length
11778
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 24 Apr 2023 07:10:42 GMT
server
nginx
etag
"64462b72-2e02"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
15019
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
moretype-depotnew-regular-webfont.woff2
css-admin.df.eu/TS1627893776/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://css-admin.df.eu/TS1627893776/fonts/moretype-depotnew-regular-webfont.woff2
Requested by
Host: css-admin.df.eu
URL: https://css-admin.df.eu/TS1682320239/df_lib-min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.103 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
nginx /
Resource Hash
2fec5846899c2ecae024edff278997258db18bc7be5bdbe4fba7802747eebe3d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://css-admin.df.eu/TS1682320239/df_lib-min.css
Origin
https://admin.df.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 07:11:16 GMT
content-security-policy
upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-sucuri-cache
HIT
content-length
23276
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 02 Aug 2021 08:42:56 GMT
server
nginx
etag
"6107b010-5aec"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
15003
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10c5cd11e9faa3d4e14064232bf481656c143079d101bae3b5b9e15fe17d8ac0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		783 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa5faf0b361afb3cb04c3316abd3e31a4151fc52061212cd4c24fa27c9f90181

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		729 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
877442680bd2605675c58429c14f185c5530b551cf94278b991d4ba0271e5f9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		318 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e30bf7630d4ff3c40515a06ad60bfefe2cf8c01f3ca5729c2065c65c9caaa20

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
541369e31df0d61e2e92e633c6d79c745723107e940bb65ca5113978e5eaa52a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		474 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6caaf54481ecf7b0ce2a977d3eb77ccea9b263a51bc4712c53b0b32c6c3e768d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58f8188485e8fe474e35d2adb7832b1af5aaeeda0ab7c34a5c6bf86df28a1cbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		777 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8934a0e2777001282adf00f9c98861ef063a360cafce4ddbb250e39a85a1b186

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		29 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5ab984fa5f286a9b25bccb92c625b7f584e629c759ae75fa858f19718619493

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
moretype-depotnew-bold-webfont.woff2
css-admin.df.eu/TS1627893776/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://css-admin.df.eu/TS1627893776/fonts/moretype-depotnew-bold-webfont.woff2
Requested by
Host: css-admin.df.eu
URL: https://css-admin.df.eu/TS1682320239/df_lib-min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.103 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10103.sucuri.net
Software
nginx /
Resource Hash
ab2ad661175162768072fba12164d76fdb19932dc29ecc17e1d2360bdc2c7c48
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://css-admin.df.eu/TS1682320239/df_lib-min.css
Origin
https://admin.df.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 07:11:16 GMT
content-security-policy
upgrade-insecure-requests;, default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-sucuri-cache
HIT
content-length
22640
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 02 Aug 2021 08:42:56 GMT
server
nginx
etag
"6107b010-5870"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
15003
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| $jscomp function| $ function| jQuery object| DF object| CrashKit function| reportJsError object| lang function| deleteStatusMeldungen function| addError function| addWarning function| addNotice function| addSuccess function| addMessage function| initStatusMeldungen function| redrawProgressBar function| softResize function| resizeContainer function| switchCheckbox function| link_popup function| raw_popup function| setCookie function| unsetPointer function| setPointer function| highlight undefined| hClasses object| oDefaultExpireTime boolean| bSecure string| _POPUP_FEATURES boolean| bSwitched object| asMeldungen function| isFalse function| isTrue function| getPhpVersionsSelectHelper function| sprintf function| vsprintf function| d object| FixedSticky object| Modernizr object| $THISPAGE object| hTimings boolean| DNT function| addDebug function| _oldAddSuccess function| _oldAddNotice function| _oldAddWarning function| _oldAddError function| _oldDeleteStatusMeldungen

2 Cookies

Domain/Path Name / Value
admin.df.eu/ Name: APP_LOCALE
Value: de
admin.df.eu/ Name: sHtmlClass
Value: js%20theme-df%20page-login%20fixedsticky-withoutfixedfixed%20history%20localstorage%20sessionstorage%20hashchange%20details%20domready%20scrollbarwidth_1%20multiupload%20csscalc%20cookies%20js%20iframe

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https:; img-src https: data:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; font-src data: https:; frame-ancestors 'self'; default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval' *.dftest.eu *.df.eu
Strict-Transport-Security max-age=3153600; includeSubDomains; preload; max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.df.eu
css-admin.df.eu
js-admin.df.eu
kerstin-birke.de
webmail.df.eu
134.119.228.27
192.124.249.103
192.124.249.119
192.124.249.168
2a00:1158:5:4b5::
10c5cd11e9faa3d4e14064232bf481656c143079d101bae3b5b9e15fe17d8ac0
2cc9e2f409d415dfbc676a9433a18598dc0b608dc99f22edea393655b73b5084
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e30bf7630d4ff3c40515a06ad60bfefe2cf8c01f3ca5729c2065c65c9caaa20
2fec5846899c2ecae024edff278997258db18bc7be5bdbe4fba7802747eebe3d
3095e846c5b3769a8e458e9389e7071764536d9fab689eb65e1b5094de50d960
541369e31df0d61e2e92e633c6d79c745723107e940bb65ca5113978e5eaa52a
58f8188485e8fe474e35d2adb7832b1af5aaeeda0ab7c34a5c6bf86df28a1cbb
6caaf54481ecf7b0ce2a977d3eb77ccea9b263a51bc4712c53b0b32c6c3e768d
877442680bd2605675c58429c14f185c5530b551cf94278b991d4ba0271e5f9d
8934a0e2777001282adf00f9c98861ef063a360cafce4ddbb250e39a85a1b186
ab2ad661175162768072fba12164d76fdb19932dc29ecc17e1d2360bdc2c7c48
b5ab984fa5f286a9b25bccb92c625b7f584e629c759ae75fa858f19718619493
c932e6b6fc08e515333775351da5433ef8481a84679e08000f9eed874852b949
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb6698f0ed8707f0f24d355197f9cb0b634ecc3d69945e663d5048837b959a73
eba541fe62477809a6d7c0e6c6b0f4806f44e9645f3e5435c6ef0f6e35225866
fa5faf0b361afb3cb04c3316abd3e31a4151fc52061212cd4c24fa27c9f90181