view.e.entaingroup.com Open in urlscan Pro
161.71.105.62 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.e.entaingroup.com/?qs=7645a0b1f6fa2734a386d904ef3002ff27dca48f0a77ac528d58b3f39628137504b68539b299b603e164649fa882...
Effective URL:
https://view.e.entaingroup.com/?qs=22175667170cbfa2ecc6d5cffa3bcba05c2cad2a29ab9215603a456503f64b615ded54183b8e52538b6b887229a1...
Submission: On October 12 via api (October 12th 2022, 3:28:40 pm UTC) from BE — Scanned from GB

Summary HTTP 12 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 12 HTTP transactions. The main IP is 161.71.105.62, located in London, United Kingdom and belongs to SALESFORCE, US. The main domain is view.e.entaingroup.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 13th 2022. Valid for: a year.

This is the only time view.e.entaingroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	161.71.97.64 161.71.97.64	14340 (SALESFORCE) (SALESFORCE)
1	161.71.105.62 161.71.105.62	14340 (SALESFORCE) (SALESFORCE)
9	104.16.163.243 104.16.163.243	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.206.92.135 34.206.92.135	14618 (AMAZON-AES) (AMAZON-AES)
12	4

2 161.71.97.64 (London, United Kingdom) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.e.entaingroup.com

click.e.entaingroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 161.71.105.62 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: view.e.entaingroup.com

view.e.entaingroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.16.163.243 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

scmedia.itsfogo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.92.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-92-135.compute-1.amazonaws.com

pixel.monitor1.returnpath.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	itsfogo.com scmedia.itsfogo.com — Cisco Umbrella Rank: 57745	63 KB
3	entaingroup.com 1 redirects click.e.entaingroup.com — Cisco Umbrella Rank: 269708 view.e.entaingroup.com	42 KB
1	returnpath.net pixel.monitor1.returnpath.net — Cisco Umbrella Rank: 35597	109 B
12	3

	Domain	Requested by
9	scmedia.itsfogo.com	view.e.entaingroup.com
2	click.e.entaingroup.com	1 redirects view.e.entaingroup.com
1	pixel.monitor1.returnpath.net	view.e.entaingroup.com
1	view.e.entaingroup.com
12	4

This site contains links to these domains. Also see Links.

Domain
click.e.entaingroup.com

Subject Issuer	Validity	Valid
view.e.entaingroup.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.itsfogo.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-07` - `2023-03-08`	a year	crt.sh
pixel.monitor1.returnpath.net Amazon	`2022-08-11` - `2023-09-09`	a year	crt.sh
click.e.entaingroup.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://view.e.entaingroup.com/?qs=22175667170cbfa2ecc6d5cffa3bcba05c2cad2a29ab9215603a456503f64b615ded54183b8e52538b6b887229a14d4633f7bb0398ef66b5871ba4d3c8cc4b0bcce0a329060bec7ed54fd3dc4d21c44c
Frame ID: 0898E3FC2A7B6A77A18F034A8FF7EC93
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Here's how you keep your account safe |||

Page URL History Show full URLs

https://click.e.entaingroup.com/?qs=7645a0b1f6fa2734a386d904ef3002ff27dca48f0a77ac528d58b3f39628137504b68539... HTTP 302
https://view.e.entaingroup.com/?qs=22175667170cbfa2ecc6d5cffa3bcba05c2cad2a29ab9215603a456503f64b615ded5418... Page URL

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

105 kB
Transfer

101 kB
Size

1
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://click.e.entaingroup.com/?qs=7645a0b1f6fa2734a386d904ef3002ff27dca48f0a77ac528d58b3f39628137504b68539b299b603e164649fa8828858845d1c4c643d9b273adc294a2788d594
Title: View in your browser

Search URL Search Domain Scan URL

URL: https://click.e.entaingroup.com/?qs=7645a0b1f6fa273454802b5484b568036d92a2835e5470e78418bfa9efa80c9c876dc872b5c5ae1a2122cb803c90ef1ca0f9544b97fe5ed65024ead5e1884c8e

Search URL Search Domain Scan URL

URL: https://click.e.entaingroup.com/?qs=7645a0b1f6fa27344e44a246761d6441c2b428600fbf1493512ca8c693bde9764eeb6a11fa9511cd64b02a6249e54821cea829b1da55c2604339533e060996f5
Title: Customer Services

Search URL Search Domain Scan URL

URL: https://click.e.entaingroup.com/?qs=7645a0b1f6fa273406d6d0cbaf6f92895650bf379d632770d7bef3cff792dae359746145caabf8606187ec02b71be328a1eae569d75b3c219a46cda47989567a
Title: here

Search URL Search Domain Scan URL

URL: https://click.e.entaingroup.com/?qs=7645a0b1f6fa2734dc2cf34a61a97817b8cfcf8e4721e7e192c9e3d126c746faf67cc172acf7161f83ea0e49c76ebc3888f972fc23cc3736f80bed3a088db724

Search URL Search Domain Scan URL

URL: https://click.e.entaingroup.com/?qs=7645a0b1f6fa27345cf925f2fff78e645e752d1225d349827caa0bcd5a3bf5cf00b6cad38a3753a92133d9a3e94907ea72abd393b65b81eaf75931db9ec72403

Search URL Search Domain Scan URL

URL: https://click.e.entaingroup.com/?qs=7645a0b1f6fa2734cbce9715d39bf131cdb833a56eefb942e928c3ad23221c5d31510785c91796baf9ae0ec74068da4a545bb3ea7357a68e400aed48a54afd42

Search URL Search Domain Scan URL

URL: https://click.e.entaingroup.com/?qs=7645a0b1f6fa2734bf7c0b86ee7d070a34dd6db14a561fdb7a903cb2e63e840ec0d93fa660ae0a54e34ad3defa73442f01afffe6878e1b6ba2bba0799971cdf9
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://click.e.entaingroup.com/?qs=7645a0b1f6fa27345960d4dcb6b33fc0e579876ce957882cde5aa3785b3d0610064d41204e1a3bb8517fcda7e25f269ef9d718e5a47eb6ac927207c8579a6fe9
Title: contact

Search URL Search Domain Scan URL

URL: https://click.e.entaingroup.com/?qs=7645a0b1f6fa2734da1bdf4f7a7f22d01678868b75ce225d3a21c56b2bdf0f3aae259578f4d28aef6a817498f0d901d4c9304a7c477c071da84d33105f7b6102
Title: http://www.gamingcommission.be

Search URL Search Domain Scan URL

URL: https://click.e.entaingroup.com/?qs=7645a0b1f6fa273440e72ac929503ed8e4f781a320d457302fbfc53b3b0ee4d6b89db4907c0b8f253e9968b8c4f25f175ed1be5d0f55096943c68f6a5a83a939
Title: ksc.cjh@gamingcommission.be

Search URL Search Domain Scan URL

URL: https://click.e.entaingroup.com/?qs=7645a0b1f6fa273459a401b1c7fc4757ca47226507ff8a7c10189688e6bf205b8949b01a8a699604567034d501666c5329bdaad4d20e524b20981b5d44b31aa8
Title: Imprint

Search URL Search Domain Scan URL

URL: https://click.e.entaingroup.com/?qs=7645a0b1f6fa2734eed2aa3a392f96005d853b17fef25ae31ff631cffc5a467250b98421329d523f9b111462f349d697b6c885ddef30d9e01db74282ee83dc65
Title: Forgotten password

Search URL Search Domain Scan URL

URL: https://click.e.entaingroup.com/?qs=7645a0b1f6fa2734496f7000e8b9c2de7b8adea8a1e4ff21d004bdc56789772b35a79f63c7b31f53f38764a61fcee852820de8ca136b9b67eddd7bebb04ed7a3

Search URL Search Domain Scan URL

URL: https://click.e.entaingroup.com/?qs=7645a0b1f6fa2734415958bc7371a689dc8f4b63436151352c6820010056f04bc60e13e164e188930898a406b65c3649193c219b9e89cba42c8daf8ccf39b897

Search URL Search Domain Scan URL

URL: https://click.e.entaingroup.com/?qs=7645a0b1f6fa27348575f64f9e9e231348d7983c5bb8de2b38774e56f7df63886586adb96b860c1633db864f9327e0dae89cd7c5a7a4b4d767353034631ae1bd

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.e.entaingroup.com/?qs=7645a0b1f6fa2734a386d904ef3002ff27dca48f0a77ac528d58b3f39628137504b68539b299b603e164649fa8828858845d1c4c643d9b273adc294a2788d594 HTTP 302
https://view.e.entaingroup.com/?qs=22175667170cbfa2ecc6d5cffa3bcba05c2cad2a29ab9215603a456503f64b615ded54183b8e52538b6b887229a14d4633f7bb0398ef66b5871ba4d3c8cc4b0bcce0a329060bec7ed54fd3dc4d21c44c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
view.e.entaingroup.com/
Redirect Chain

https://click.e.entaingroup.com/?qs=7645a0b1f6fa2734a386d904ef3002ff27dca48f0a77ac528d58b3f39628137504b68539b299b603e164649fa8828858845d1c4c643d9b273adc294a2788d594
https://view.e.entaingroup.com/?qs=22175667170cbfa2ecc6d5cffa3bcba05c2cad2a29ab9215603a456503f64b615ded54183b8e52538b6b887229a14d4633f7bb0398ef66b5871ba4d3c8cc4b0bcce0a329060bec7ed54fd3dc4d21c44c

41 KB
41 KB

1225ms
791ms

Document
text/html

161.71.105.62
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://view.e.entaingroup.com/?qs=22175667170cbfa2ecc6d5cffa3bcba05c2cad2a29ab9215603a456503f64b615ded54183b8e52538b6b887229a14d4633f7bb0398ef66b5871ba4d3c8cc4b0bcce0a329060bec7ed54fd3dc4d21c44c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.71.105.62 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS: view.e.entaingroup.com
Software: /
Resource Hash: edce4015e3a25251bb99b23efe159d63f6f12d6992fade2a3e25a3f6d7c2d88a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: private
Connection: close
Content-Length: 41958
Content-Type: text/html; charset=utf-8
Date: Wed, 12 Oct 2022 15:28:35 GMT

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 312
Content-Type: text/html; charset=utf-8
Date: Wed, 12 Oct 2022 15:28:34 GMT
Location: https://view.e.entaingroup.com/?qs=22175667170cbfa2ecc6d5cffa3bcba05c2cad2a29ab9215603a456503f64b615ded54183b8e52538b6b887229a14d4633f7bb0398ef66b5871ba4d3c8cc4b0bcce0a329060bec7ed54fd3dc4d21c44c

GET
H2 200 dd95e076ab2047e884ca09aff4d81e44.png
scmedia.itsfogo.com/$-$/ 34 B
416 B 97ms
43ms Image
image/webp 104.16.163.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://scmedia.itsfogo.com/$-$/dd95e076ab2047e884ca09aff4d81e44.png

Requested by

Host: view.e.entaingroup.com
URL: https://view.e.entaingroup.com/?qs=22175667170cbfa2ecc6d5cffa3bcba05c2cad2a29ab9215603a456503f64b615ded54183b8e52538b6b887229a14d4633f7bb0398ef66b5871ba4d3c8cc4b0bcce0a329060bec7ed54fd3dc4d21c44c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.163.243 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a959499e01bc25d04cdf81941ca90aebb810661ec09a221ef4a611d041172c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 15:28:35 GMT
strict-transport-security: max-age=2592000
cf-cache-status: HIT
age: 84334
cf-polished: origFmt=png, origSize=120
content-disposition: inline; filename="dd95e076ab2047e884ca09aff4d81e44.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34
cf-bgj: imgq:85,h2pri
last-modified: Fri, 08 Feb 2019 15:04:43 GMT
server: cloudflare
etag: "DD95E076AB2047E884CA09AFF4D81E44"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
cf-ray: 7590ddbfcbf135cb-MAN
expires: Thu, 12 Oct 2023 15:28:35 GMT

GET
H2 200 cd3d1841a2ae46568729e9b48a2c06ae.png
scmedia.itsfogo.com/$-$/ 15 KB
15 KB 93ms
39ms Image
image/webp 104.16.163.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://scmedia.itsfogo.com/$-$/cd3d1841a2ae46568729e9b48a2c06ae.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.163.243 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98cf3a49883c122a41690a29d6c47e371a5b0ffa7e695c00e93cff803df266b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 15:28:35 GMT
strict-transport-security: max-age=2592000
cf-cache-status: HIT
age: 84334
cf-polished: origFmt=png, origSize=38651
content-disposition: inline; filename="cd3d1841a2ae46568729e9b48a2c06ae.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14868
cf-bgj: imgq:85,h2pri
last-modified: Thu, 13 Dec 2018 08:37:05 GMT
server: cloudflare
etag: "CD3D1841A2AE46568729E9B48A2C06AE"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
cf-ray: 7590ddbfcbf335cb-MAN
expires: Thu, 12 Oct 2023 15:28:35 GMT

GET
H2 200 84e5d22a3ee9440a81cf7749d0031050.jpg
scmedia.itsfogo.com/$-$/ 23 KB
24 KB 240ms
187ms Image
image/jpeg 104.16.163.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://scmedia.itsfogo.com/$-$/84e5d22a3ee9440a81cf7749d0031050.jpg?la=en&p=mailing640

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.163.243 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95f56935b413944e00830770d40031290e5db3079af1b2b99cb998b3c8345239

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 15:28:35 GMT
strict-transport-security: max-age=2592000
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23838
last-modified: Tue, 22 Sep 2020 08:16:08 GMT
server: cloudflare
etag: "84E5D22A3EE9440A81CF7749D0031050"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
cf-ray: 7590ddbfcbf635cb-MAN
expires: Thu, 12 Oct 2023 15:28:35 GMT

GET
H2 200 pixel.gif
pixel.monitor1.returnpath.net/ 43 B
109 B 354ms
113ms Image
image/gif 34.206.92.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.monitor1.returnpath.net/pixel.gif?r=b337da206fed89997693febd3678b86da60e4c5f&productID=%%F_PRODUCT_ID%%&brandID=%%F_BRAND_ID%%&Lang_ID=%%F_ACCOUNT_LANGUAGE_ID%%&mailcode=SERVICEWE_Password_Security_350_700:66531
Requested by: Host: view.e.entaingroup.com
URL: https://view.e.entaingroup.com/?qs=22175667170cbfa2ecc6d5cffa3bcba05c2cad2a29ab9215603a456503f64b615ded54183b8e52538b6b887229a14d4633f7bb0398ef66b5871ba4d3c8cc4b0bcce0a329060bec7ed54fd3dc4d21c44c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.92.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-92-135.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 15:28:36 GMT
content-length: 43
content-type: image/gif

GET
H2 200 66c6ac7196e74b03a3995031a8a181c9.png
scmedia.itsfogo.com/$-$/ 2 KB
2 KB 91ms
49ms Image
image/webp 104.16.163.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://scmedia.itsfogo.com/$-$/66c6ac7196e74b03a3995031a8a181c9.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.163.243 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d790d0870a57d5117e6f663ac626caea272ef727380aa8b593efb40e232b9a28

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 15:28:35 GMT
strict-transport-security: max-age=2592000
cf-cache-status: HIT
age: 64927
cf-polished: origFmt=png, origSize=3517
content-disposition: inline; filename="66c6ac7196e74b03a3995031a8a181c9.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1656
cf-bgj: imgq:85,h2pri
last-modified: Tue, 07 Sep 2021 08:33:54 GMT
server: cloudflare
etag: "66C6AC7196E74B03A3995031A8A181C9"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
cf-ray: 7590ddbfcbf735cb-MAN
expires: Thu, 12 Oct 2023 15:28:35 GMT

GET
H2 200 6cb02cc839c04e32904a3bc5116cc24e.png
scmedia.itsfogo.com/$-$/ 2 KB
2 KB 104ms
62ms Image
image/webp 104.16.163.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://scmedia.itsfogo.com/$-$/6cb02cc839c04e32904a3bc5116cc24e.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.163.243 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b7f6bdddc548bd944d4d8a22bb4416b04cec237d62a9fc00ab53d22642f6aaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 15:28:35 GMT
strict-transport-security: max-age=2592000
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=3946
content-disposition: inline; filename="6cb02cc839c04e32904a3bc5116cc24e.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1934
cf-bgj: imgq:85,h2pri
last-modified: Tue, 07 Sep 2021 08:33:54 GMT
server: cloudflare
etag: "6CB02CC839C04E32904A3BC5116CC24E"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
cf-ray: 7590ddbfcbfc35cb-MAN
expires: Thu, 12 Oct 2023 15:28:35 GMT

GET
H2 200 1138dfe2529a452bb18195612a74898b.png
scmedia.itsfogo.com/$-$/ 11 KB
12 KB 242ms
201ms Image
image/png 104.16.163.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://scmedia.itsfogo.com/$-$/1138dfe2529a452bb18195612a74898b.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.163.243 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

264564974c1b0704e0eb50670f6241df42ed42acfe346775c4849532c6a3fd55

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 15:28:35 GMT
strict-transport-security: max-age=2592000
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11588
last-modified: Fri, 14 Aug 2020 08:56:35 GMT
server: cloudflare
etag: "1138DFE2529A452BB18195612A74898B"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
cf-ray: 7590ddbfcbf935cb-MAN
expires: Thu, 12 Oct 2023 15:28:35 GMT

GET
H2 200 9f950115fe94441ea6341c6811780105.png
scmedia.itsfogo.com/$-$/ 2 KB
3 KB 167ms
166ms Image
image/png 104.16.163.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://scmedia.itsfogo.com/$-$/9f950115fe94441ea6341c6811780105.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.163.243 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cff29064aa185769d7f0d81e2064b20984587fb4e12f669b11faae7204741b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 15:28:35 GMT
strict-transport-security: max-age=2592000
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2444
last-modified: Wed, 23 Jan 2019 13:40:12 GMT
server: cloudflare
etag: "9F950115FE94441EA6341C6811780105"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
cf-ray: 7590ddbfdc2235cb-MAN
expires: Thu, 12 Oct 2023 15:28:35 GMT

GET
H2 200 f11036228b3e445e9a5a6d34287fb125.png
scmedia.itsfogo.com/$-$/ 2 KB
3 KB 101ms
101ms Image
image/png 104.16.163.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://scmedia.itsfogo.com/$-$/f11036228b3e445e9a5a6d34287fb125.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.163.243 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed289d8517f09d2400cfac9b6e0a621da1e0a5c30e223065eb3952f15520c81e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 15:28:35 GMT
strict-transport-security: max-age=2592000
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2523
last-modified: Wed, 23 Jan 2019 13:35:05 GMT
server: cloudflare
etag: "F11036228B3E445E9A5A6D34287FB125"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
cf-ray: 7590ddbfdc2535cb-MAN
expires: Thu, 12 Oct 2023 15:28:35 GMT

GET
H2 200 92f286f97d1b49fe9bfb8146a2138ab9.png
scmedia.itsfogo.com/$-$/ 2 KB
3 KB 105ms
105ms Image
image/webp 104.16.163.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://scmedia.itsfogo.com/$-$/92f286f97d1b49fe9bfb8146a2138ab9.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.163.243 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74e52ef2d09eb0fadbc2af9d0a926536a9d134b18af45c4197446f63ff711737

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 15:28:35 GMT
strict-transport-security: max-age=2592000
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=4059
content-disposition: inline; filename="92f286f97d1b49fe9bfb8146a2138ab9.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2114
cf-bgj: imgq:85,h2pri
last-modified: Wed, 23 Jan 2019 13:35:05 GMT
server: cloudflare
etag: "92F286F97D1B49FE9BFB8146A2138AB9"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
cf-ray: 7590ddbfec4435cb-MAN
expires: Thu, 12 Oct 2023 15:28:35 GMT

GET
H/1.1 200
OK open.aspx
click.e.entaingroup.com/ 43 B
199 B 52ms
51ms Image
image/gif 161.71.97.64
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://click.e.entaingroup.com/open.aspx?ffcb10-fe881577706c037a71-fe6810777467067c7410-fe3611717564047e711c74-ff69157474-fe5012747160037a731d-ffce15&d=500004&bmt=0
Requested by: Host: view.e.entaingroup.com
URL: https://view.e.entaingroup.com/?qs=22175667170cbfa2ecc6d5cffa3bcba05c2cad2a29ab9215603a456503f64b615ded54183b8e52538b6b887229a14d4633f7bb0398ef66b5871ba4d3c8cc4b0bcce0a329060bec7ed54fd3dc4d21c44c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.71.97.64 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS: click.e.entaingroup.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 12 Oct 2022 15:28:35 GMT
Cache-Control: no-cache; max-age=0
Connection: close
Content-Length: 43
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.itsfogo.com/	1970-01-20 06:39:50	Name: __cf_bm Value: P_dvMMXSqw5Knvq2HPpHK_ccLTJmtvzkEMMHMPOEFKc-1665588515-0-AeGsTNlkoxfv4Ij/2hIDZ2xc7EaAWKnGQ/2U1Hb9PNM9/SL0Ig3VS7hJ28OI9iPgFStZi0uiL0zwktFq66xVs4E=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://view.e.entaingroup.com/?qs=22175667170cbfa2ecc6d5cffa3bcba05c2cad2a29ab9215603a456503f64b615ded54183b8e52538b6b887229a14d4633f7bb0398ef66b5871ba4d3c8cc4b0bcce0a329060bec7ed54fd3dc4d21c44c(Line 953) Message: Mixed Content: The page at 'https://view.e.entaingroup.com/?qs=22175667170cbfa2ecc6d5cffa3bcba05c2cad2a29ab9215603a456503f64b615ded54183b8e52538b6b887229a14d4633f7bb0398ef66b5871ba4d3c8cc4b0bcce0a329060bec7ed54fd3dc4d21c44c' was loaded over HTTPS, but requested an insecure element 'http://pixel.monitor1.returnpath.net/pixel.gif?r=b337da206fed89997693febd3678b86da60e4c5f&productID=%%F_PRODUCT_ID%%&brandID=%%F_BRAND_ID%%&Lang_ID=%%F_ACCOUNT_LANGUAGE_ID%%&mailcode=SERVICEWE_Password_Security_350_700:66531'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click.e.entaingroup.com
pixel.monitor1.returnpath.net
scmedia.itsfogo.com
view.e.entaingroup.com
104.16.163.243
161.71.105.62
161.71.97.64
34.206.92.135
1b7f6bdddc548bd944d4d8a22bb4416b04cec237d62a9fc00ab53d22642f6aaa
264564974c1b0704e0eb50670f6241df42ed42acfe346775c4849532c6a3fd55
74e52ef2d09eb0fadbc2af9d0a926536a9d134b18af45c4197446f63ff711737
8cff29064aa185769d7f0d81e2064b20984587fb4e12f669b11faae7204741b0
95f56935b413944e00830770d40031290e5db3079af1b2b99cb998b3c8345239
98cf3a49883c122a41690a29d6c47e371a5b0ffa7e695c00e93cff803df266b0
a959499e01bc25d04cdf81941ca90aebb810661ec09a221ef4a611d041172c0c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
d790d0870a57d5117e6f663ac626caea272ef727380aa8b593efb40e232b9a28
ed289d8517f09d2400cfac9b6e0a621da1e0a5c30e223065eb3952f15520c81e
edce4015e3a25251bb99b23efe159d63f6f12d6992fade2a3e25a3f6d7c2d88a

view.e.entaingroup.com Open in urlscan Pro 161.71.105.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

4 IPs

3 Countries

105 kBTransfer

101 kBSize

1 Cookies

16 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

view.e.entaingroup.com Open in urlscan Pro
161.71.105.62 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

105 kB
Transfer

101 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions