www.dfiforensics.com Open in urlscan Pro
3.233.126.24 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://dfiforensics.ca/
Effective URL:
https://www.dfiforensics.com/
Submission: On November 05 via api (November 5th 2024, 11:22:30 pm UTC) from US — Scanned from CA

Summary HTTP 16 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 7 domains to perform 16 HTTP transactions. The main IP is 3.233.126.24, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.dfiforensics.com.
TLS certificate: Issued by R10 on October 10th 2024. Valid for: 3 months.

This is the only time www.dfiforensics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	99.83.190.102 99.83.190.102	16509 (AMAZON-02) (AMAZON-02)
1 2	3.233.126.24 3.233.126.24	14618 (AMAZON-AES) (AMAZON-AES)
10	104.18.160.117 104.18.160.117	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:824::2008	15169 (GOOGLE) (GOOGLE)
1	13.33.251.68 13.33.251.68	16509 (AMAZON-02) (AMAZON-02)
2	172.64.153.109 172.64.153.109	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
16	6

1 99.83.190.102 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aacb0a264e514dd48.awsglobalaccelerator.com

dfiforensics.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.233.126.24 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-126-24.compute-1.amazonaws.com

www.dfiforensics.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.dfiforensics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.160.117 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.prod.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.251.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-251-68.jfk50.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.153.109 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

uploads-ssl.webflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	website-files.com cdn.prod.website-files.com — Cisco Umbrella Rank: 6168	294 KB
2	webflow.com uploads-ssl.webflow.com — Cisco Umbrella Rank: 22513	60 KB
2	dfiforensics.ca 2 redirects dfiforensics.ca www.dfiforensics.ca	1 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	88 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	103 KB
1	dfiforensics.com www.dfiforensics.com	13 KB
16	7

	Domain	Requested by
10	cdn.prod.website-files.com	www.dfiforensics.com cdn.prod.website-files.com
2	uploads-ssl.webflow.com	cdn.prod.website-files.com
1	www.google-analytics.com	www.googletagmanager.com
1	d3e54v103j8qbb.cloudfront.net	www.dfiforensics.com
1	www.googletagmanager.com	www.dfiforensics.com
1	www.dfiforensics.com
1	www.dfiforensics.ca	1 redirects
1	dfiforensics.ca	1 redirects
16	8

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
open.spotify.com
www.youtube.com
www.instagram.com
choquercreative.com

Subject Issuer	Validity	Valid
www.dfiforensics.com R10	`2024-10-10` - `2025-01-08`	3 months	crt.sh
prod.website-files.com WE1	`2024-10-21` - `2025-01-19`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
uploads-ssl.webflow.com WE1	`2024-09-25` - `2024-12-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.dfiforensics.com/
Frame ID: 742FFBFAC09A616AD5E9ECA25AA7FC13
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Digital Forensics & Cyber Attack Response

Page URL History Show full URLs

https://dfiforensics.ca/ HTTP 301
https://www.dfiforensics.ca/ HTTP 301
https://www.dfiforensics.com/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

29 %
IPv6

7
Domains

8
Subdomains

6
IPs

2
Countries

558 kB
Transfer

4785 kB
Size

3
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/dfiforensics
Title: Twitter icon

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DFI-Forensics-Inc-553113671869920/
Title: Facebook icon

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/0tULWIhlChk58ugvOS44HQ

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/DFIForensics
Title: YouTube icon

Search URL Search Domain Scan URL

URL: https://www.instagram.com/dfiforensics/?hl=en
Title: Instagram icon

Search URL Search Domain Scan URL

URL: http://choquercreative.com/?utm_source=clientsite&utm_medium=btn&utm_id=Made-By-Choquer
Title: .st0{fill:currentColor;} Developed By Choquer Creative

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dfiforensics.ca/ HTTP 301
https://www.dfiforensics.ca/ HTTP 301
https://www.dfiforensics.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.dfiforensics.com/
Redirect Chain

https://dfiforensics.ca/
https://www.dfiforensics.ca/
https://www.dfiforensics.com/

38 KB
13 KB

604ms
166ms

Document
text/html

3.233.126.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dfiforensics.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.233.126.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-126-24.compute-1.amazonaws.com

Software

Resource Hash

75652abe512575e8a54ec5b5a193e513e5127e65fea408c8565a5a2791b922d5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 106627
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
cf-ray: 8de095be4da01765-IAD
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Tue, 05 Nov 2024 23:22:16 GMT
last-modified: Mon, 04 Nov 2024 17:45:09 GMT
surrogate-control: max-age=2147483647
surrogate-key: www.dfiforensics.com 6037dc150825baabe2061d78 pageId:6037dc150825ba822f061d79
vary: Accept-Encoding
x-cluster-name: us-east-1-prod-hosting-red
x-frame-options: SAMEORIGIN
x-lambda-id: 415f768c-4c3a-4b0c-973f-c83b1f15f1e7

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: BYPASS
cf-ray: 8de095baaa0c3b6c-IAD
content-length: 166
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Tue, 05 Nov 2024 23:22:16 GMT
location: https://www.dfiforensics.com/
vary: Accept-Encoding
x-cluster-name: us-east-1-prod-hosting-red
x-frame-options: SAMEORIGIN

GET
H3 200 dfi-forensics.webflow.fb979dfbc.css
cdn.prod.website-files.com/6037dc150825baabe2061d78/css/ 101 KB
18 KB 198ms
103ms Stylesheet
text/css 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/6037dc150825baabe2061d78/css/dfi-forensics.webflow.fb979dfbc.css
Requested by: Host: www.dfiforensics.com
URL: https://www.dfiforensics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cd89b9ba73129c83669a482dac4f94fba8496492df0b100e760ae43bba538c1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.dfiforensics.com/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: "fccc75f0d3038f26c37a49713302c0c5"
x-amz-version-id: lPNkra3CvufROqhY2NqzpLs9QlLBl84i
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 23:22:17 GMT
content-type: text/css
last-modified: Fri, 28 Jun 2024 19:54:31 GMT
vary: Accept-Encoding
x-amz-id-2: 2xhA7mEdMV2GS8hbWZe2htOkRDz0lbQzovaaXIJKadfmInoz3Tg51J5lQwuCvZRaHceZsFo7J+wZDUdp89i7Gb/Az+l9OjLJ
cache-control: public, max-age=31536000, immutable
x-amz-request-id: XEP6VMCYJ98V17AB
cf-ray: 8de095c05cb3aa9c-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18094
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 304 KB
103 KB 175ms
69ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NJ7Y4KXD9L

Requested by

Host: www.dfiforensics.com
URL: https://www.dfiforensics.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0dc3ad68cb66879695103da73bd55aae923ae4cabfd662a8b670a066a6167fa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.dfiforensics.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 05 Nov 2024 23:22:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 23:22:17 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 105191
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
88 KB 135ms
29ms Script
application/javascript 13.33.251.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6037dc150825baabe2061d78
Requested by: Host: www.dfiforensics.com
URL: https://www.dfiforensics.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.251.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-251-68.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.dfiforensics.com
Referer: https://www.dfiforensics.com/

Response headers

cache-control: max-age=84600, must-revalidate
etag: "dc5e7f18c8d36ac1d3d4753a87c98d0a"
age: 56000
via: 1.1 1282b072279a4ba99f5e6de99fc2819e.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 89476
x-amz-cf-id: gfk_y8flIvRDx0_Ja0c8jwR9EA8yHrjcWAEPKIfLunHMkNRaJcnCHg==
date: Tue, 05 Nov 2024 07:48:58 GMT
content-type: application/javascript
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P10
vary: accept-encoding

GET
H3 200 webflow.3e2a01dcb.js Show response
cdn.prod.website-files.com/6037dc150825baabe2061d78/js/ 605 KB
177 KB 401ms
309ms Script
text/javascript 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/6037dc150825baabe2061d78/js/webflow.3e2a01dcb.js
Requested by: Host: www.dfiforensics.com
URL: https://www.dfiforensics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00d1e24a8bd502e556b500706d2dcb89366f9c614fe4e5829b47cb83acb758d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.dfiforensics.com/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
etag: "c5f469232611089a5527adb164471f8d"
x-amz-version-id: wu_PhpYd2KBf5OZQMXWAaxhg7b9TTHBY
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 23:22:17 GMT
content-type: text/javascript
last-modified: Fri, 28 Jun 2024 19:54:31 GMT
vary: Accept-Encoding
x-amz-id-2: ghf/8lGv7394i5ME38HadBJVjWdJUlI1jUV1oXinKZlOS8wjd22x4OS7hwX4nF+Lm9I9/bdw3o88n6Y+/uoxkGY+QbRvrdfcYI1krBfbVKQ=
cache-control: public, max-age=31536000, immutable
x-amz-request-id: XEP01NJYBGA3CJPG
cf-ray: 8de095c05cb6aa9c-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 180614
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 603fd86821a827bda0f095ad_Play%20Button.svg
cdn.prod.website-files.com/6037dc150825baabe2061d78/ 521 B
729 B 213ms
212ms Image
image/svg+xml 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/6037dc150825baabe2061d78/603fd86821a827bda0f095ad_Play%20Button.svg
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/6037dc150825baabe2061d78/css/dfi-forensics.webflow.fb979dfbc.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02ff592331224277873aa98a83377518dbb56cdf1ac00592f2949f1427350eb2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn.prod.website-files.com/6037dc150825baabe2061d78/css/dfi-forensics.webflow.fb979dfbc.css

Response headers

content-encoding: br
cf-cache-status: EXPIRED
etag: W/"be933354f32598f494cfb9cfb72de74e"
x-amz-version-id: o2wHjC7zEZPt8zsOa0.LzdxmrxwurkKE
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 23:22:17 GMT
content-type: image/svg+xml
last-modified: Wed, 03 Mar 2021 18:41:46 GMT
vary: Accept-Encoding
x-amz-id-2: hCVvTGNQnpol0J5dKlkjfj+E9UIUOw+xARnnvWA3w1hr83LUcmKQhce6nWKmvttw5dwKaVyYec9Ecp5ahSPanQOOtsexvFFN
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: XEPA2HW444RW1XNT
cf-ray: 8de095c16dd9aa9c-YYZ
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 61e8a7689f39428271de12f0_dfi-video-poster-00001.jpg
cdn.prod.website-files.com/6037dc150825baabe2061d78/ 9 KB
10 KB 94ms
94ms Image
image/jpeg 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/6037dc150825baabe2061d78/61e8a7689f39428271de12f0_dfi-video-poster-00001.jpg
Requested by: Host: www.dfiforensics.com
URL: https://www.dfiforensics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d6fd1e7498260c8c30cb9e1616b35d7de353064a368bce4a843c01f97d4ca72

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.dfiforensics.com/

Response headers

cf-cache-status: EXPIRED
etag: "bd06e9a6be8843fec11b6cb5c4d719c6"
x-amz-version-id: McjoKfotwychaJa9Uk_VqRqhmlgtYp9J
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 23:22:17 GMT
content-type: image/jpeg
last-modified: Thu, 20 Jan 2022 00:08:05 GMT
vary: Accept-Encoding
x-amz-id-2: 01TU72/51+LmRhxMHiLIFDeg4++CnHfiE4ty2f/Iyb8voF4p9GDiX83rYb79HKO0eYNeOYjHZWGbLDY1huYpVUfgStClJjBz0aAnmSi97HQ=
x-amz-request-id: XEP7CJN1H2051N9Q
cf-ray: 8de095c16de0aa9c-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9652
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 6037de7a13a1f555245ac981_Gotham-Light.otf
uploads-ssl.webflow.com/6037dc150825baabe2061d78/ 29 KB
30 KB 210ms
137ms Font
application/x-font-otf 172.64.153.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/6037dc150825baabe2061d78/6037de7a13a1f555245ac981_Gotham-Light.otf
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/6037dc150825baabe2061d78/css/dfi-forensics.webflow.fb979dfbc.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.109 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 059d87195ac799babfa43fc443028f8dfbfec34e0887f69999b63610ec9a3631

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.dfiforensics.com
Referer: https://cdn.prod.website-files.com/

Response headers

access-control-max-age: 3000
cf-cache-status: EXPIRED
etag: "f76e3adf545b3299f643fd7642800351"
x-amz-version-id: NBO6Tswt8XNCFV3mS5koTDRB_buDSClf
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 23:22:17 GMT
content-type: application/x-font-otf
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 02 Mar 2021 19:21:17 GMT
x-amz-id-2: 1NOfSj+u2MskPKPn+TQlw42cmUgSkhgvntPrwmzxjGzGQTgLxAuCqSOurgXsrmUT1WTc7mGnI1qWeF/5qAi7Vz2NZLuMgJ4pYGOtxgl1swE=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: XEPB735Y6R4633JF
cf-ray: 8de095c24b5fac88-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 29656
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 6037de7b0314acfa9a732ead_Gotham-Bold.otf
uploads-ssl.webflow.com/6037dc150825baabe2061d78/ 29 KB
30 KB 191ms
119ms Font
application/x-font-otf 172.64.153.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/6037dc150825baabe2061d78/6037de7b0314acfa9a732ead_Gotham-Bold.otf
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/6037dc150825baabe2061d78/css/dfi-forensics.webflow.fb979dfbc.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.109 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7766b0c71e2ef4fd5d4238b8dca14425051ecc7729459bc9c7eeac915909a0f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.dfiforensics.com
Referer: https://cdn.prod.website-files.com/

Response headers

access-control-max-age: 3000
cf-cache-status: EXPIRED
etag: "9c35bf87f23c8cca614720126fe0baa0"
x-amz-version-id: .pgK0LpV3yM3LBhmmxsXZfG.6L5byFpl
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 23:22:17 GMT
content-type: application/x-font-otf
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 02 Mar 2021 19:21:17 GMT
x-amz-id-2: uGMBLk9QYkOVldSw0aqo3fMC6x547DuC/KIPnooMgt3hSnMG6Du2H+c7qzc4DDXWmZ3AqyoqJmk=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: XEP5BVPHVX54XFAZ
cf-ray: 8de095c24b5dac88-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30012
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 667f029725c4ff48f4a843f8_Logo%202024%20White-p-500.png
cdn.prod.website-files.com/6037dc150825baabe2061d78/ 9 KB
10 KB 105ms
102ms Image
image/png 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/6037dc150825baabe2061d78/667f029725c4ff48f4a843f8_Logo%202024%20White-p-500.png
Requested by: Host: www.dfiforensics.com
URL: https://www.dfiforensics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2a86fc430d7b2f181c07ff17ad1bfd2bd1e35f854f31d58c4ca2716012c07aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.dfiforensics.com/

Response headers

cf-cache-status: EXPIRED
etag: "4fe198c2d4671a28eb42960fee63a793"
x-amz-version-id: iOm71CylHkq1vN72yEa49j1764ttl65N
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 23:22:17 GMT
content-type: image/png
last-modified: Fri, 28 Jun 2024 18:36:09 GMT
vary: Accept-Encoding
x-amz-id-2: H+NtnCXdqFtUiGNUkv4LvMR7iWiaMQlI6PyAmGD854Y+5sm6QD4lkacTJRIpLmt7Wjysi6fNvZafXbBqdOnJQEv+HHrbQ6Qq
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: XEP6V0HE7F27HJ7N
cf-ray: 8de095c1ce66aa9c-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9478
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 6040526436038a0064dfa788_DFI-Forensics-Homepage-Thumbnail.webp
cdn.prod.website-files.com/6037dc150825baabe2061d78/ 75 KB
75 KB 193ms
189ms Image
image/webp 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/6037dc150825baabe2061d78/6040526436038a0064dfa788_DFI-Forensics-Homepage-Thumbnail.webp
Requested by: Host: www.dfiforensics.com
URL: https://www.dfiforensics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f9c99deac32131b8d2c386d16ec6d5f810ff9d40ec8b17931bbd3faa87de6d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.dfiforensics.com/

Response headers

cf-cache-status: EXPIRED
etag: "ec4405f46c699ff8fee7ee8e0b3a89e4"
x-amz-version-id: tqWAUh9EatSy03oKoBk_jVuFPcrjGZ9P
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 23:22:17 GMT
content-type: image/webp
last-modified: Tue, 11 Oct 2022 16:49:55 GMT
vary: Accept-Encoding
x-amz-id-2: rsVzMC6jGfCMq3LLaS7njYJQpPVntXcomy7LE+W7+OPYEBA1ffnGvvbFgh2ljNNIbev8z6RmUxM=
cache-control: max-age=84600, must-revalidate
x-amz-request-id: XEP46CEN2J0DN4MQ
cf-ray: 8de095c1de6aaa9c-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 76510
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 206 61e8a7689f39428271de12f0_dfi-video-transcode.mp4
cdn.prod.website-files.com/6037dc150825baabe2061d78/ 3 MB
0 321ms
315ms Media
video/mp4 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/6037dc150825baabe2061d78/61e8a7689f39428271de12f0_dfi-video-transcode.mp4
Requested by: Host: www.dfiforensics.com
URL: https://www.dfiforensics.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.dfiforensics.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

cf-cache-status: EXPIRED
etag: "50d2c027c4876739f04c50ea0b31ed95"
x-amz-version-id: WfQgAhhYHFGuOltop97tSg3eUYBZA1Fh
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 23:22:17 GMT
content-type: video/mp4
last-modified: Thu, 20 Jan 2022 00:06:29 GMT
vary: Accept-Encoding
x-amz-id-2: XbiCYdwUCO6iFJxRK70e1ny50UKRchObNojxmULd4d9mxc1nDrrkFtphhgI2tSgYkpnKOCOC+mnwpn5dkGyXKqbpaB4PczxU
Content-Range: bytes 0-9303397/9303398
x-amz-request-id: XEP6TKTEV8CSCJQP
cf-ray: 8de095c1de85aa9c-YYZ
access-control-allow-origin: *
Content-Length: 9303398
server: cloudflare
x-amz-server-side-encryption: AES256

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 159ms
44ms Fetch
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NJ7Y4KXD9L&gtm=45je4au0v875247344za200&_p=1730848937148&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=911508455.1730848937&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730848937&sct=1&seg=0&dl=https%3A%2F%2Fwww.dfiforensics.com%2F&dt=Digital%20Forensics%20%26%20Cyber%20Attack%20Response&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.anonymize_ip=false&tfd=2677
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NJ7Y4KXD9L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.dfiforensics.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.dfiforensics.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 23:22:17 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 61ef068f61ddff1aa668229b_dfi-mobile-menu.json Show response
cdn.prod.website-files.com/6037dc150825baabe2061d78/ 8 KB
2 KB 121ms
120ms XHR
application/json 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/6037dc150825baabe2061d78/61ef068f61ddff1aa668229b_dfi-mobile-menu.json
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/6037dc150825baabe2061d78/js/webflow.3e2a01dcb.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52b5e05082d165b030249571d06b33498dd103fcf6df07690a35e3877e0f6da8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.dfiforensics.com/

Response headers

access-control-max-age: 3000
content-encoding: br
cf-cache-status: EXPIRED
etag: W/"76af1b232a9f2ab5fc62ad44c28ee37a"
x-amz-version-id: 1uvYUc1OFg2.KU_U4uTEOKf5wdHPhtux
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 23:22:17 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 24 Jan 2022 20:05:36 GMT
x-amz-id-2: mzslY3jRfLJSGuGPTce5Q9jSapGvWpvPV1EOfgvpHL8fBtUAgitA5Nc3Xi8O/lzx3wR7MsOFS7Y=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: XEP55YM0FHVNR1RC
cf-ray: 8de095c4281736ff-YYZ
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 667f01320f02ee8d2f07494a_favicon-32x32.png
cdn.prod.website-files.com/6037dc150825baabe2061d78/ 1 KB
2 KB 1384ms
1383ms Other
image/png 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/6037dc150825baabe2061d78/667f01320f02ee8d2f07494a_favicon-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f299a31b6e16641094619b82f9700017e700ab34d26a199db644bf2b03c99fa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.dfiforensics.com/

Response headers

cf-cache-status: EXPIRED
etag: "456c552b49adb57ce2b7ee343ab4e455"
x-amz-version-id: DanV_.Frr1L47oOEZq4K_J8Q74L0tmiA
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 23:22:17 GMT
content-type: image/png
last-modified: Fri, 28 Jun 2024 18:30:12 GMT
vary: Accept-Encoding
x-amz-id-2: kUxUBMMkrbKtyoJKs4YY+VS6zWcWpr+zr9KlsmZi1b0hz4zuJXsTmJk9e6aqqfNSvE5Qq6+f/KGBoG/X5/1+0ioTAzlSRrkIAgqEud5nfrI=
cache-control: max-age=31536000, must-revalidate
x-amz-request-id: XEP3K8P3PACHDW96
cf-ray: 8de095c4ba8aaa9c-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1130
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 206 61e8a7689f39428271de12f0_dfi-video-transcode.mp4
cdn.prod.website-files.com/6037dc150825baabe2061d78/ 64 KB
0 2ms
1ms Media
video/mp4 104.18.160.117
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/6037dc150825baabe2061d78/61e8a7689f39428271de12f0_dfi-video-transcode.mp4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.160.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.dfiforensics.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range: bytes=3507137-

Response headers

cf-cache-status: EXPIRED
etag: "50d2c027c4876739f04c50ea0b31ed95"
x-amz-version-id: WfQgAhhYHFGuOltop97tSg3eUYBZA1Fh
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 23:22:17 GMT
content-type: video/mp4
last-modified: Thu, 20 Jan 2022 00:06:29 GMT
vary: Accept-Encoding
x-amz-id-2: XbiCYdwUCO6iFJxRK70e1ny50UKRchObNojxmULd4d9mxc1nDrrkFtphhgI2tSgYkpnKOCOC+mnwpn5dkGyXKqbpaB4PczxU
Content-Range: bytes 3507137-9303397/9303398
x-amz-request-id: XEP6TKTEV8CSCJQP
cf-ray: 8de095c1de85aa9c-YYZ
access-control-allow-origin: *
Content-Length: 5796261
server: cloudflare
x-amz-server-side-encryption: AES256

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dfiforensics.com/	1970-01-21 10:23:28	Name: _ga_NJ7Y4KXD9L Value: GS1.1.1730848937.1.0.1730848937.0.0.0
.prod.website-files.com/	1970-01-21 00:47:30	Name: __cf_bm Value: vmsn7J93HUYBKJPLhRzB9s7E0fLYEKSevxa6Wqyfh0w-1730848937-1.0.1.1-JW5SMfkNGqXv71CxnZ8s0C3SkNvcfjXrD5YpdDErE.c4GYIZA8Z8hL4U65ojFO4drAnHrytwKjzEDRVaTKyKCA
.dfiforensics.com/	1970-01-21 10:23:28	Name: _ga Value: GA1.1.911508455.1730848937

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.prod.website-files.com
d3e54v103j8qbb.cloudfront.net
dfiforensics.ca
uploads-ssl.webflow.com
www.dfiforensics.ca
www.dfiforensics.com
www.google-analytics.com
www.googletagmanager.com
104.18.160.117
13.33.251.68
172.64.153.109
2607:f8b0:4006:821::200e
2607:f8b0:4006:824::2008
3.233.126.24
99.83.190.102
00d1e24a8bd502e556b500706d2dcb89366f9c614fe4e5829b47cb83acb758d0
02ff592331224277873aa98a83377518dbb56cdf1ac00592f2949f1427350eb2
059d87195ac799babfa43fc443028f8dfbfec34e0887f69999b63610ec9a3631
0dc3ad68cb66879695103da73bd55aae923ae4cabfd662a8b670a066a6167fa2
2cd89b9ba73129c83669a482dac4f94fba8496492df0b100e760ae43bba538c1
2d6fd1e7498260c8c30cb9e1616b35d7de353064a368bce4a843c01f97d4ca72
2f9c99deac32131b8d2c386d16ec6d5f810ff9d40ec8b17931bbd3faa87de6d2
52b5e05082d165b030249571d06b33498dd103fcf6df07690a35e3877e0f6da8
6f299a31b6e16641094619b82f9700017e700ab34d26a199db644bf2b03c99fa
75652abe512575e8a54ec5b5a193e513e5127e65fea408c8565a5a2791b922d5
d2a86fc430d7b2f181c07ff17ad1bfd2bd1e35f854f31d58c4ca2716012c07aa
d7766b0c71e2ef4fd5d4238b8dca14425051ecc7729459bc9c7eeac915909a0f
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

www.dfiforensics.com Open in urlscan Pro 3.233.126.24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

29 %IPv6

7 Domains

8 Subdomains

6 IPs

2 Countries

558 kBTransfer

4785 kBSize

3 Cookies

6 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

www.dfiforensics.com Open in urlscan Pro
3.233.126.24 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

29 %
IPv6

7
Domains

8
Subdomains

6
IPs

2
Countries

558 kB
Transfer

4785 kB
Size

3
Cookies

16 HTTP transactions
0 data transactions