dfire.ensight.ws Open in urlscan Pro
197.189.219.201 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.pstmrk.it/3/dfire.ensight.ws%2Flive%2Fpreview.php%3Fm%3D35070%26r%3D62087891/sBeF/QBSyAQ/AQ/2fad5ea1-294d-...
Effective URL:
https://dfire.ensight.ws/live/preview.php?m=35070&r=62087891
Submission: On December 22 via api (December 22nd 2023, 7:09:54 pm UTC) from ZA — Scanned from IT

Summary HTTP 15 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 3 IPs in 4 countries across 5 domains to perform 15 HTTP transactions. The main IP is 197.189.219.201, located in Cape Town, South Africa and belongs to xneelo, ZA. The main domain is dfire.ensight.ws.
TLS certificate: Issued by R3 on October 31st 2023. Valid for: 3 months.

This is the only time dfire.ensight.ws was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	99.81.19.161 99.81.19.161	16509 (AMAZON-02) (AMAZON-02)
1 5	197.189.219.201 197.189.219.201	37153 (xneelo) (xneelo)
5	104.18.26.207 104.18.26.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	18.239.50.32 18.239.50.32	16509 (AMAZON-02) (AMAZON-02)
15	3

1 99.81.19.161 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-19-161.eu-west-1.compute.amazonaws.com

click.pstmrk.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 197.189.219.201 (Cape Town, South Africa) 1 redirects

ASN37153 (xneelo, ZA)
PTR: dfire.ensighthq.com

dfire.ensight.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df.ensighthq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.26.207 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn19.mailercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.239.50.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-32.ams58.r.cloudfront.net

dtyujstxnnkbj.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	cloudfront.net dtyujstxnnkbj.cloudfront.net	12 KB
5	mailercdn.net cdn19.mailercdn.net	213 KB
3	ensighthq.com df.ensighthq.com	6 KB
2	ensight.ws 1 redirects dfire.ensight.ws	14 KB
1	pstmrk.it 1 redirects click.pstmrk.it — Cisco Umbrella Rank: 51985	115 B
15	5

	Domain	Requested by
6	dtyujstxnnkbj.cloudfront.net	dfire.ensight.ws
5	cdn19.mailercdn.net	dfire.ensight.ws
3	df.ensighthq.com	dfire.ensight.ws
2	dfire.ensight.ws	1 redirects
1	click.pstmrk.it	1 redirects
15	5

This site contains links to these domains. Also see Links.

Domain
df.ensighthq.com

Subject Issuer	Validity	Valid
dfire.ensight.ws R3	`2023-10-31` - `2024-01-29`	3 months	crt.sh
df.ensighthq.com R3	`2023-10-31` - `2024-01-29`	3 months	crt.sh
cdn19.mailercdn.net GTS CA 1P5	`2023-11-10` - `2024-02-08`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://dfire.ensight.ws/live/preview.php?m=35070&r=62087891
Frame ID: F0499E3AAE10D317CBF999696312407B
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jonathan, Buy and Get is back for the festive season!

Page URL History Show full URLs

https://click.pstmrk.it/3/dfire.ensight.ws%2Flive%2Fpreview.php%3Fm%3D35070%26r%3D62087891/sBeF/QBSy... HTTP 302
http://dfire.ensight.ws/live/preview.php?m=35070&r=62087891 HTTP 301
https://dfire.ensight.ws/live/preview.php?m=35070&r=62087891 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

3
IPs

4
Countries

245 kB
Transfer

238 kB
Size

3
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://df.ensighthq.com/live/preview.php?m=35070&r=62087891
Title: online version

Search URL Search Domain Scan URL

URL: https://df.ensighthq.com/live/click.php?u=https%3A%2F%2Fbit.ly%2F483x296&o=Mail%2B35070&r=62087891&v=c81735

Search URL Search Domain Scan URL

URL: https://df.ensighthq.com/live/click.php?u=https%3A%2F%2Fwww.facebook.com%2FSamsungSouthAfrica&o=Mail%2B35070&r=62087891&v=184e49

Search URL Search Domain Scan URL

URL: https://df.ensighthq.com/live/click.php?u=https%3A%2F%2Fwww.instagram.com%2Fsamsungsa%2F&o=Mail%2B35070&r=62087891&v=fdea1e

Search URL Search Domain Scan URL

URL: https://df.ensighthq.com/live/click.php?u=https%3A%2F%2Ftwitter.com%2FSamsungSA&o=Mail%2B35070&r=62087891&v=0f46a2

Search URL Search Domain Scan URL

URL: https://df.ensighthq.com/live/click.php?u=https%3A%2F%2Fwww.youtube.com%2Fuser%2Fsamsungblog&o=Mail%2B35070&r=62087891&v=8993f0

Search URL Search Domain Scan URL

URL: https://df.ensighthq.com/live/click.php?u=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fsamsung-south-africa%3Ftrk%3Dcompany_logo&o=Mail%2B35070&r=62087891&v=a644c4

Search URL Search Domain Scan URL

URL: https://df.ensighthq.com/live/click.php?u=https%3A%2F%2Fwww.samsung.com%2Fza%2Fsamsung-pay%2F&o=Mail%2B35070&r=62087891&v=5b4818

Search URL Search Domain Scan URL

URL: https://df.ensighthq.com/live/click.php?u=https%3A%2F%2Fwww.samsung.com%2Fza%2Fapps%2Fsamsung-members%2F&o=Mail%2B35070&r=62087891&v=046971

Search URL Search Domain Scan URL

URL: https://df.ensighthq.com/live/click.php?u=https%3A%2F%2Fwww.samsung.com%2Fza%2Foffer%2Fsamsung-care-plus%2F&o=Mail%2B35070&r=62087891&v=2d7902

Search URL Search Domain Scan URL

URL: https://df.ensighthq.com/live/click.php?u=https%3A%2F%2Fwww.samsung.com%2Fza%2Finfo%2Flegal%2F&o=Mail%2B35070&r=62087891&v=abe9a1
Title: Legal

Search URL Search Domain Scan URL

URL: https://df.ensighthq.com/live/click.php?u=https%3A%2F%2Fwww.samsung.com%2Fza%2Finfo%2Fprivacy%2F&o=Mail%2B35070&r=62087891&v=3b16bd
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://df.ensighthq.com/live/subscribe.php?m=35070&action=unsubscribe&r=62087891
Title: here

Search URL Search Domain Scan URL

URL: https://df.ensighthq.com/live/click.php?u=https%3A%2F%2Fwww.samsung.com%2Fza%2F&o=Mail%2B35070&r=62087891&v=638c2d
Title: Samsung

Search URL Search Domain Scan URL

URL: https://df.ensighthq.com/live/click.php?u=https%3A%2F%2Fdf.ensighthq.com%2Flive%2Fcontent.php%3FItem_ID%3D1174&o=Mail%2B35070&r=62087891&v=7a9e07
Title: Privacy Statement

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.pstmrk.it/3/dfire.ensight.ws%2Flive%2Fpreview.php%3Fm%3D35070%26r%3D62087891/sBeF/QBSyAQ/AQ/2fad5ea1-294d-4642-b6e0-02c191ee854c/1/FCxH5VtAQE HTTP 302
http://dfire.ensight.ws/live/preview.php?m=35070&r=62087891 HTTP 301
https://dfire.ensight.ws/live/preview.php?m=35070&r=62087891 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request preview.php Show response
dfire.ensight.ws/live/
Redirect Chain

https://click.pstmrk.it/3/dfire.ensight.ws%2Flive%2Fpreview.php%3Fm%3D35070%26r%3D62087891/sBeF/QBSyAQ/AQ/2fad5ea1-294d-4642-b6e0-02c191ee854c/1/FCxH5VtAQE
http://dfire.ensight.ws/live/preview.php?m=35070&r=62087891
https://dfire.ensight.ws/live/preview.php?m=35070&r=62087891

13 KB
13 KB

911ms
257ms

Document
text/html

197.189.219.201
xneelo

General

Check archive.org

Show headers Download Go to

Full URL: https://dfire.ensight.ws/live/preview.php?m=35070&r=62087891
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 197.189.219.201 Cape Town, South Africa, ASN37153 (xneelo, ZA),
Reverse DNS: dfire.ensighthq.com
Software: Apache/2.2.15 (CentOS) / PHP/5.2.17 ZendServer/5.0
Resource Hash: 10ff2f3c4dd157b42baa79b5ca3fc340ac360b5b8ec9254048d4780256924750

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Connection: close
Content-Type: text/html; Charset=utf-8
Date: Fri, 22 Dec 2023 18:55:30 GMT
Server: Apache/2.2.15 (CentOS)
Transfer-Encoding: chunked
X-Powered-By: PHP/5.2.17 ZendServer/5.0

Redirect headers

Connection: close
Content-Length: 354
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 22 Dec 2023 18:55:29 GMT
Location: https://dfire.ensight.ws/live/preview.php?m=35070&r=62087891
Server: Apache/2.2.15 (CentOS)

GET
H/1.1 200
OK standard.css
df.ensighthq.com/live/pagebuilder/themes/ 4 KB
4 KB 859ms
208ms Stylesheet
text/css 197.189.219.201
xneelo

General

Check archive.org

Show headers Download Go to

Full URL: https://df.ensighthq.com/live/pagebuilder/themes/standard.css
Requested by: Host: dfire.ensight.ws
URL: https://dfire.ensight.ws/live/preview.php?m=35070&r=62087891
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 197.189.219.201 Cape Town, South Africa, ASN37153 (xneelo, ZA),
Reverse DNS: dfire.ensighthq.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8e3f0252c43ad8918feee40bc92c5c144426d3b91595101b482ba6d2a01aa5e0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://dfire.ensight.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 18:55:31 GMT
Last-Modified: Thu, 05 Feb 2015 10:26:24 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "56d39b-e80-50e54bc5ff400"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 3712

GET
H2 200 qdwefgdsbnh43-0001.jpg
cdn19.mailercdn.net/users/assets/379/images/ 136 KB
136 KB 965ms
855ms Image
image/webp 104.18.26.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn19.mailercdn.net/users/assets/379/images/qdwefgdsbnh43-0001.jpg
Requested by: Host: dfire.ensight.ws
URL: https://dfire.ensight.ws/live/preview.php?m=35070&r=62087891
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.26.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fc3ab30c87b9bc2a24e2d2b6d599c7d0386b151f5ace6b732dfc83e1534c4fc

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://dfire.ensight.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 19:09:49 GMT
cf-cache-status: HIT
content-disposition: inline; filename="qdwefgdsbnh43-0001.webp"
alt-svc: h3=":443"; ma=86400
content-length: 139236
x-request-id: T608zo1vPTWLBqcMPlBsL
last-modified: Wed, 13 Dec 2023 10:29:20 GMT
server: cloudflare
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 839aa94b9d640c3c-MRS
expires: Sat, 21 Dec 2024 19:09:49 GMT

GET
H2 200 qdwefgdsbnh43-0002.jpg
cdn19.mailercdn.net/users/assets/379/images/ 26 KB
26 KB 847ms
738ms Image
image/webp 104.18.26.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn19.mailercdn.net/users/assets/379/images/qdwefgdsbnh43-0002.jpg
Requested by: Host: dfire.ensight.ws
URL: https://dfire.ensight.ws/live/preview.php?m=35070&r=62087891
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.26.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5acdbf7bea3b420e3c04dd1692c71e5f47f26a215611ff0725a1f80296c0a31c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://dfire.ensight.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 19:09:49 GMT
cf-cache-status: HIT
content-disposition: inline; filename="qdwefgdsbnh43-0002.webp"
alt-svc: h3=":443"; ma=86400
content-length: 26508
x-request-id: WV9vjAHoNU-rmxbKGx1ID
last-modified: Wed, 13 Dec 2023 10:30:52 GMT
server: cloudflare
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 839aa94b9d680c3c-MRS
expires: Sat, 21 Dec 2024 19:09:49 GMT

GET
H2 200 qdwefgdsbnh43-0003.jpg
cdn19.mailercdn.net/users/assets/379/images/ 22 KB
23 KB 817ms
709ms Image
image/webp 104.18.26.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn19.mailercdn.net/users/assets/379/images/qdwefgdsbnh43-0003.jpg
Requested by: Host: dfire.ensight.ws
URL: https://dfire.ensight.ws/live/preview.php?m=35070&r=62087891
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.26.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0aac7670c85818743dd20f553f30d98788465a89d439ec5d4562d4b6c79132a1

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://dfire.ensight.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 19:09:49 GMT
cf-cache-status: HIT
content-disposition: inline; filename="qdwefgdsbnh43-0003.webp"
alt-svc: h3=":443"; ma=86400
content-length: 23032
x-request-id: tnrLMzS3Ta4REZpL9AyHj
last-modified: Mon, 18 Dec 2023 08:54:55 GMT
server: cloudflare
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 839aa94b9d650c3c-MRS
expires: Sat, 21 Dec 2024 19:09:49 GMT

GET
H2 200 qdwefgdsbnh43-0004.jpg
cdn19.mailercdn.net/users/assets/379/images/ 25 KB
26 KB 865ms
757ms Image
image/webp 104.18.26.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn19.mailercdn.net/users/assets/379/images/qdwefgdsbnh43-0004.jpg
Requested by: Host: dfire.ensight.ws
URL: https://dfire.ensight.ws/live/preview.php?m=35070&r=62087891
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.26.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11cf68bdb86aab71b6c73eb8ea99192e4c40af4b4d955cb8439f0089f286fba8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://dfire.ensight.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 19:09:49 GMT
cf-cache-status: HIT
content-disposition: inline; filename="qdwefgdsbnh43-0004.webp"
alt-svc: h3=":443"; ma=86400
content-length: 26110
x-request-id: jXgMW2GlPhTWkT0Su8thd
last-modified: Wed, 13 Dec 2023 10:31:09 GMT
server: cloudflare
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 839aa94b9d5e0c3c-MRS
expires: Sat, 21 Dec 2024 19:09:49 GMT

GET
H2 200 ftr-soc-001.jpg
dtyujstxnnkbj.cloudfront.net/users/assets/379/images/ 1 KB
2 KB 186ms
55ms Image
image/jpeg 18.239.50.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dtyujstxnnkbj.cloudfront.net/users/assets/379/images/ftr-soc-001.jpg

Requested by

Host: dfire.ensight.ws
URL: https://dfire.ensight.ws/live/preview.php?m=35070&r=62087891

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.50.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-50-32.ams58.r.cloudfront.net

Software

cloudflare /

Resource Hash

9ff7175adba09ddf40e7406635ed6515e83fff3d3ed3f4262c103f7403c14271

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://dfire.ensight.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 12:05:46 GMT
strict-transport-security: max-age=2592000
via: 1.1 40fb5e8791e3cb1337e56d76d11ee8fa.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: AMS58-P3
age: 368870
cf-polished: origSize=1667, status=vary_header_present
x-cache: Hit from cloudfront
content-disposition: inline; filename="ftr-soc-001.jpg"
content-length: 1358
x-request-id: oyAKKtJx3wZlx--Z09VKP
cf-bgj: imgq:100,h2pri
last-modified: Thu, 30 Nov 2023 18:57:47 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 837f84039a313733-FRA
x-amz-cf-id: LpRSSxB2xzT-KtOhYUmyX0jd49UYPCoiDO0gzuUyHgpsZMeRgMJfEQ==
expires: Wed, 18 Dec 2024 12:05:46 GMT

GET
H/1.1 200
OK insta.jpg
df.ensighthq.com/content/samsung/2022/09/ 1 KB
2 KB 882ms
215ms Image
image/jpeg 197.189.219.201
xneelo

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df.ensighthq.com/content/samsung/2022/09/insta.jpg
Requested by: Host: dfire.ensight.ws
URL: https://dfire.ensight.ws/live/preview.php?m=35070&r=62087891
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 197.189.219.201 Cape Town, South Africa, ASN37153 (xneelo, ZA),
Reverse DNS: dfire.ensighthq.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 251bb08eb59d448bca539cb0a1191d9471d3bddd1c32325da7b320debe79055e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://dfire.ensight.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 18:55:31 GMT
Last-Modified: Wed, 28 Sep 2022 19:35:14 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "5da014-5c5-5e9c1dc16e080"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 1477

GET
H2 200 sahvgda---0001.png
cdn19.mailercdn.net/users/assets/379/images/ 1 KB
2 KB 168ms
60ms Image
image/webp 104.18.26.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn19.mailercdn.net/users/assets/379/images/sahvgda---0001.png
Requested by: Host: dfire.ensight.ws
URL: https://dfire.ensight.ws/live/preview.php?m=35070&r=62087891
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.26.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cf3713a8ad872fdf846c6f4f8f0f835c252254ca280d473d0c9821ada738008

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://dfire.ensight.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 19:09:48 GMT
cf-cache-status: HIT
age: 2038736
content-disposition: inline; filename="sahvgda---0001.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1136
x-request-id: NFyXQ33tTKh5ndKRqFk-w
last-modified: Tue, 28 Nov 2023 06:04:31 GMT
server: cloudflare
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 839aa94b9d6b0c3c-MRS
expires: Sat, 21 Dec 2024 19:09:48 GMT

GET
H2 200 ftr-soc-004.jpg
dtyujstxnnkbj.cloudfront.net/users/assets/379/images/ 1 KB
2 KB 189ms
58ms Image
image/jpeg 18.239.50.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dtyujstxnnkbj.cloudfront.net/users/assets/379/images/ftr-soc-004.jpg

Requested by

Host: dfire.ensight.ws
URL: https://dfire.ensight.ws/live/preview.php?m=35070&r=62087891

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.50.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-50-32.ams58.r.cloudfront.net

Software

cloudflare /

Resource Hash

1077c8dc446bc192ee8f9e4b3713ace3095958dedd387b8de48ba5b7e72dcb31

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://dfire.ensight.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
date: Wed, 20 Dec 2023 19:43:51 GMT
via: 1.1 40fb5e8791e3cb1337e56d76d11ee8fa.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: AMS58-P3
age: 170757
cf-polished: origSize=1708, status=vary_header_present
x-cache: Hit from cloudfront
content-disposition: inline; filename="ftr-soc-004.jpg"
content-length: 1413
x-request-id: 48KZI_0w5mkTlrWkQjcQ2
cf-bgj: imgq:100,h2pri
last-modified: Thu, 30 Nov 2023 18:13:30 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83612d195f13048f-FRA
x-amz-cf-id: G5goEPr4F42rSIv4LlKZH09nejpvpOnObWizrZz0nt4h68wFCydZSA==
expires: Thu, 19 Dec 2024 19:43:51 GMT

GET
H2 200 ftr-soc-005.jpg
dtyujstxnnkbj.cloudfront.net/users/assets/379/images/ 1 KB
2 KB 187ms
56ms Image
image/jpeg 18.239.50.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dtyujstxnnkbj.cloudfront.net/users/assets/379/images/ftr-soc-005.jpg

Requested by

Host: dfire.ensight.ws
URL: https://dfire.ensight.ws/live/preview.php?m=35070&r=62087891

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.50.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-50-32.ams58.r.cloudfront.net

Software

cloudflare /

Resource Hash

fd05ee0d41ef612fff4538a1ae274724ffcf5243ff9a074b90f3ac7d2df060e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://dfire.ensight.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
date: Thu, 21 Dec 2023 16:19:20 GMT
via: 1.1 40fb5e8791e3cb1337e56d76d11ee8fa.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: AMS58-P3
age: 96628
cf-polished: origSize=1773, status=vary_header_present
x-cache: Hit from cloudfront
content-disposition: inline; filename="ftr-soc-005.jpg"
content-length: 1483
x-request-id: mUA7TP3rq4pCdz8VSBscq
cf-bgj: imgq:100,h2pri
last-modified: Thu, 14 Dec 2023 21:56:22 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83681c654da535f6-FRA
x-amz-cf-id: I16jPLPlsqXue67qfAT-uX69hYVuhCjGakl5GmO1r4jsODElhfVsOw==
expires: Fri, 20 Dec 2024 16:19:20 GMT

GET
H2 200 ftr-soc-006.jpg
dtyujstxnnkbj.cloudfront.net/users/assets/379/images/ 1 KB
2 KB 55ms
54ms Image
image/jpeg 18.239.50.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dtyujstxnnkbj.cloudfront.net/users/assets/379/images/ftr-soc-006.jpg

Requested by

Host: dfire.ensight.ws
URL: https://dfire.ensight.ws/live/preview.php?m=35070&r=62087891

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.50.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-50-32.ams58.r.cloudfront.net

Software

cloudflare /

Resource Hash

9178d8135209beece1b12373d10d4436e1ea338212f7ad8b40bd4fe1bdc7ec15

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://dfire.ensight.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 06:40:31 GMT
strict-transport-security: max-age=2592000
via: 1.1 40fb5e8791e3cb1337e56d76d11ee8fa.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: AMS58-P3
age: 390557
cf-polished: origSize=1759, status=vary_header_present
x-cache: Hit from cloudfront
content-disposition: inline; filename="ftr-soc-006.jpg"
content-length: 1478
x-request-id: D7WHcNbI9HQs_yrVFdwII
cf-bgj: imgq:100,h2pri
last-modified: Tue, 28 Nov 2023 05:18:22 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83756a2eed885b4a-FRA
x-amz-cf-id: T3btWtCyw8DbIB5WDVsZg3KGNFiQ4jZxXfe-H-RCIHCgDYeGjf9wHg==
expires: Tue, 17 Dec 2024 06:40:31 GMT

GET
H2 200 ftr-soc-007.jpg
dtyujstxnnkbj.cloudfront.net/users/assets/379/images/ 1 KB
2 KB 65ms
65ms Image
image/jpeg 18.239.50.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dtyujstxnnkbj.cloudfront.net/users/assets/379/images/ftr-soc-007.jpg

Requested by

Host: dfire.ensight.ws
URL: https://dfire.ensight.ws/live/preview.php?m=35070&r=62087891

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.50.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-50-32.ams58.r.cloudfront.net

Software

cloudflare /

Resource Hash

20a1fe5a3081f4938c8fc8aa19764ffbac2e74df4541b339a4031018b0b26d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://dfire.ensight.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
date: Fri, 22 Dec 2023 19:09:48 GMT
via: 1.1 40fb5e8791e3cb1337e56d76d11ee8fa.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: AMS58-P3
age: 570
cf-polished: origSize=1801, status=vary_header_present
x-cache: Hit from cloudfront
content-disposition: inline; filename="ftr-soc-007.jpg"
content-length: 1519
x-request-id: MhP7kXI-zcPPp3TJFIMeP
cf-bgj: imgq:100,h2pri
last-modified: Thu, 30 Nov 2023 12:04:18 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8371624028341da6-FRA
x-amz-cf-id: 6cMTyyVEo0XCM7323FCtajYnHsAKuBRb0rlgIlFPEUaON7bNIV1-mg==
expires: Sat, 21 Dec 2024 19:00:18 GMT

GET
H2 200 vbhj-vbh-yu-006.jpg
dtyujstxnnkbj.cloudfront.net/users/assets/379/images/ 2 KB
2 KB 66ms
66ms Image
image/jpeg 18.239.50.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dtyujstxnnkbj.cloudfront.net/users/assets/379/images/vbhj-vbh-yu-006.jpg

Requested by

Host: dfire.ensight.ws
URL: https://dfire.ensight.ws/live/preview.php?m=35070&r=62087891

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.50.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-50-32.ams58.r.cloudfront.net

Software

cloudflare /

Resource Hash

821c8f603d45f329038d8837e65b7ae1eb38f1d710b1872bb7a4cb79563d04ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://dfire.ensight.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
date: Fri, 22 Dec 2023 19:09:48 GMT
via: 1.1 40fb5e8791e3cb1337e56d76d11ee8fa.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: AMS58-P3
age: 646
cf-polished: origSize=1839, status=vary_header_present
x-cache: Hit from cloudfront
content-disposition: inline; filename="vbhj-vbh-yu-006.jpg"
content-length: 1553
x-request-id: ka2amTumGZbKXzqBICa7J
cf-bgj: imgq:100,h2pri
last-modified: Wed, 29 Nov 2023 07:53:44 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 837162403dd137ef-FRA
x-amz-cf-id: aqjUP7Nlm7_7DJFJFz5G3GjfglmsE6YV4KPE2PQ3od1FqP-KtyHeGA==
expires: Sat, 21 Dec 2024 18:59:02 GMT

GET
H/1.1 200
OK open.php
df.ensighthq.com/live/ 42 B
428 B 884ms
231ms Image
image/gif 197.189.219.201
xneelo

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df.ensighthq.com/live/open.php?m=35070&p=7404591&r=62087891
Requested by: Host: dfire.ensight.ws
URL: https://dfire.ensight.ws/live/preview.php?m=35070&r=62087891
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 197.189.219.201 Cape Town, South Africa, ASN37153 (xneelo, ZA),
Reverse DNS: dfire.ensighthq.com
Software: Apache/2.2.15 (CentOS) / PHP/5.2.17 ZendServer/5.0
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://dfire.ensight.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Dec 2023 18:55:31 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.2.17 ZendServer/5.0
P3P: CP="CAO IVD OUR STP"
Content-Type: image/gif
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Transfer-Encoding: binary
Connection: close
Content-Length: 42
Expires: Wed, 28 Feb 1979 00:02:00 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dfire.ensight.ws/live	1970-01-21 01:53:28	Name: ENVENT Value: 7404706
dfire.ensight.ws/live	1969-12-31 23:59:59	Name: Session_ID Value: d080d54d30d8b92863aa6baf9cb9e25a
.mailercdn.net/	1970-01-20 17:07:53	Name: __cf_bm Value: cOC1C89V6zzycD.WIocxXts3dPAXX6nqtwWlnbnNV7g-1703272189-1-ASGC/Hrqw9zqItE3ECh2EeVfau2rJilFHFWTfK/zIEF4QmZSWcPLntPFaY8M8UuJWYBAAzJAG5SulBELLmGGu/I=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn19.mailercdn.net
click.pstmrk.it
df.ensighthq.com
dfire.ensight.ws
dtyujstxnnkbj.cloudfront.net
104.18.26.207
18.239.50.32
197.189.219.201
99.81.19.161
0aac7670c85818743dd20f553f30d98788465a89d439ec5d4562d4b6c79132a1
0fc3ab30c87b9bc2a24e2d2b6d599c7d0386b151f5ace6b732dfc83e1534c4fc
1077c8dc446bc192ee8f9e4b3713ace3095958dedd387b8de48ba5b7e72dcb31
10ff2f3c4dd157b42baa79b5ca3fc340ac360b5b8ec9254048d4780256924750
11cf68bdb86aab71b6c73eb8ea99192e4c40af4b4d955cb8439f0089f286fba8
20a1fe5a3081f4938c8fc8aa19764ffbac2e74df4541b339a4031018b0b26d2a
251bb08eb59d448bca539cb0a1191d9471d3bddd1c32325da7b320debe79055e
5acdbf7bea3b420e3c04dd1692c71e5f47f26a215611ff0725a1f80296c0a31c
7cf3713a8ad872fdf846c6f4f8f0f835c252254ca280d473d0c9821ada738008
821c8f603d45f329038d8837e65b7ae1eb38f1d710b1872bb7a4cb79563d04ee
8e3f0252c43ad8918feee40bc92c5c144426d3b91595101b482ba6d2a01aa5e0
9178d8135209beece1b12373d10d4436e1ea338212f7ad8b40bd4fe1bdc7ec15
9ff7175adba09ddf40e7406635ed6515e83fff3d3ed3f4262c103f7403c14271
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd05ee0d41ef612fff4538a1ae274724ffcf5243ff9a074b90f3ac7d2df060e6

dfire.ensight.ws Open in urlscan Pro 197.189.219.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

3 IPs

4 Countries

245 kBTransfer

238 kBSize

3 Cookies

15 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

3 Cookies

Indicators

dfire.ensight.ws Open in urlscan Pro
197.189.219.201 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

3
IPs

4
Countries

245 kB
Transfer

238 kB
Size

3
Cookies

15 HTTP transactions
0 data transactions