signin.4dem.it Open in urlscan Pro
34.90.128.196 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mailchef.4dem.it/u.php
Effective URL:
https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
Submission: On December 09 via api (December 9th 2020, 9:12:54 am UTC) from IE

Summary HTTP 43 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 15 domains to perform 43 HTTP transactions. The main IP is 34.90.128.196, located in United States and belongs to GOOGLE, US. The main domain is signin.4dem.it.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 23rd 2020. Valid for: 3 months.

This is the only time signin.4dem.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 17	34.90.128.196 34.90.128.196	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1	65.9.73.2 65.9.73.2	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:eb:... 2a02:26f0:eb:386::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	65.9.73.19 65.9.73.19	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
1	13.224.194.84 13.224.194.84	16509 (AMAZON-02) (AMAZON-02)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.240.31.203 34.240.31.203	16509 (AMAZON-02) (AMAZON-02)
1	35.204.226.230 35.204.226.230	15169 (GOOGLE) (GOOGLE)
3	143.204.215.36 143.204.215.36	16509 (AMAZON-02) (AMAZON-02)
4	65.9.76.184 65.9.76.184	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f01... 2a03:2880:f01c:8004:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
43	19

17 34.90.128.196 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 196.128.90.34.bc.googleusercontent.com

mailchef.4dem.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
signin.4dem.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sysapi.4dem.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.2 (Seattle, United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:eb:386::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.19 (Seattle, United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.84 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-84.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.240.31.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-31-203.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.226.230 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 230.226.204.35.bc.googleusercontent.com

4img.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.215.36 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-36.fra53.r.cloudfront.net

beacon-v2.helpscout.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.76.184 (Seattle, United States)

ASN16509 (AMAZON-02, US)

d3hb14vkzrxvla.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8004:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	4dem.it 4 redirects mailchef.4dem.it signin.4dem.it sysapi.4dem.it	816 KB
5	google-analytics.com www.google-analytics.com	19 KB
4	cloudfront.net d3hb14vkzrxvla.cloudfront.net	8 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	61 KB
3	helpscout.net beacon-v2.helpscout.net	260 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	googletagmanager.com www.googletagmanager.com	138 KB
2	facebook.com 1 redirects www.facebook.com	576 B
2	facebook.net connect.facebook.net	92 KB
2	licdn.com snap.licdn.com	3 KB
1	atdmt.com cx.atdmt.com	628 B
1	4img.it 4img.it	215 KB
1	google.de www.google.de	107 B
1	google.com www.google.com	107 B
1	doubleclick.net stats.g.doubleclick.net	87 B
43	15

	Domain	Requested by
9	signin.4dem.it	signin.4dem.it
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	d3hb14vkzrxvla.cloudfront.net	beacon-v2.helpscout.net
4	sysapi.4dem.it	signin.4dem.it
4	mailchef.4dem.it	4 redirects
3	beacon-v2.helpscout.net	signin.4dem.it beacon-v2.helpscout.net
3	www.googletagmanager.com	signin.4dem.it www.googletagmanager.com
2	www.facebook.com	1 redirects signin.4dem.it
2	px.ads.linkedin.com	1 redirects signin.4dem.it
2	connect.facebook.net	signin.4dem.it connect.facebook.net
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
1	cx.atdmt.com
1	4img.it	signin.4dem.it
1	in.hotjar.com	script.hotjar.com
1	www.linkedin.com	1 redirects
1	vars.hotjar.com	static.hotjar.com
1	www.google.de	signin.4dem.it
1	www.google.com	signin.4dem.it
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.googletagmanager.com
43	21

This site contains links to these domains. Also see Links.

Domain
signup.4dem.it

Subject Issuer	Validity	Valid
*.4dem.it Let's Encrypt Authority X3	`2020-10-23` - `2021-01-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.hotjar.com Amazon	`2020-01-22` - `2021-02-22`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
4img.it R3	`2020-12-03` - `2021-03-03`	3 months	crt.sh
*.helpscout.net Amazon	`2020-05-23` - `2021-06-23`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-10-10` - `2021-01-08`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
Frame ID: 6E4DF7D29BFEA00F32AB6A5DA1B83938
Requests: 42 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 862FF3E96AE30EC69580A21B92E92A60
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://mailchef.4dem.it/u.php HTTP 302
https://mailchef.4dem.it/app/public/unsubscribe/rs/0/rs/rs/rs/rs/rs/c HTTP 302
https://mailchef.4dem.it/ HTTP 302
https://mailchef.4dem.it/app/user/ HTTP 302
https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/ Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Envoy (Reverse Proxy) Expand

Overall confidence: 100%
Detected patterns

headers server /^envoy$/i

Page Statistics

43
Requests

100 %
HTTPS

58 %
IPv6

15
Domains

21
Subdomains

19
IPs

5
Countries

1610 kB
Transfer

3525 kB
Size

13
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://signup.4dem.it/
Title: Registrati ora

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mailchef.4dem.it/u.php HTTP 302
https://mailchef.4dem.it/app/public/unsubscribe/rs/0/rs/rs/rs/rs/rs/c HTTP 302
https://mailchef.4dem.it/ HTTP 302
https://mailchef.4dem.it/app/user/ HTTP 302
https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=268777&url=https%3A%2F%2Fsignin.4dem.it%2F%3Fredirect%3Dhttps%3A%2F%2Fmailchef.4dem.it%2Fapp%2Fuser%2F%23%2F&time=1607505157293 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D268777%26url%3Dhttps%253A%252F%252Fsignin.4dem.it%252F%253Fredirect%253Dhttps%253A%252F%252Fmailchef.4dem.it%252Fapp%252Fuser%252F%2523%252F%26time%3D1607505157293%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=268777&url=https%3A%2F%2Fsignin.4dem.it%2F%3Fredirect%3Dhttps%3A%2F%2Fmailchef.4dem.it%2Fapp%2Fuser%2F%23%2F&time=1607505157293&liSync=true

Request Chain 44

https://www.facebook.com/tr/?id=586792675076844&ev=Microdata&dl=https%3A%2F%2Fsignin.4dem.it%2F%3Fredirect%3Dhttps%3A%2F%2Fmailchef.4dem.it%2Fapp%2Fuser%2F%23%2F&rl=&if=false&ts=1607505158845&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Login%20-%20Entra%20in%204Dem%20con%20un%20click%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.29&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1607505157318.1772538416&it=1607505157222&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
https://cx.atdmt.com/?c=4739706913419166259&f=AYzTvy23A5PmO3NsYJ9NJF50xvFl6XN3C_umB1yR9kMuIGyu3I-PdFWr5NzMYma-vW27DUB9hbXH9-V_BIEjF7uX&id=586792675076844&l=3&v=0

43 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
signin.4dem.it/
Redirect Chain

https://mailchef.4dem.it/u.php
https://mailchef.4dem.it/app/public/unsubscribe/rs/0/rs/rs/rs/rs/rs/c
https://mailchef.4dem.it/
https://mailchef.4dem.it/app/user/
https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/

6 KB
2 KB

61ms
15ms

Document
text/html

34.90.128.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.90.128.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 196.128.90.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: ba2ca02f0b414f6ba248858361ae32feb66d9035f099e25ad18ce8e4e3cc2371

Request headers

Host: signin.4dem.it
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: envoy
date: Wed, 09 Dec 2020 09:12:36 GMT
content-type: text/html
last-modified: Wed, 08 Apr 2020 12:24:17 GMT
etag: W/"5e8dc271-1957"
expires: Wed, 09 Dec 2020 09:12:36 GMT
cache-control: no-cache,no-store, must-revalidate, proxy-revalidate, max-age=0
content-encoding: gzip
x-envoy-upstream-service-time: 0
transfer-encoding: chunked

Redirect headers

server: envoy
date: Wed, 09 Dec 2020 09:12:36 GMT
content-type: text/html; charset=UTF-8
expires: on, 01 Jan 1970 00:00:00 GMT
last-modified: Wed, 09 Dec 2020 09:12:37 GMT
cache-control: no-store, no-cache, must-revalidate,post-check=0, pre-check=0
pragma: no-cache
location: https://signin.4dem.it?redirect=https://mailchef.4dem.it/app/user/
access-control-allow-origin: *
x-envoy-upstream-service-time: 24
vary: Accept-Encoding
content-encoding: gzip
transfer-encoding: chunked

GET
H/1.1 200
OK app.c29c1b134c094bb390925658bdca4c98.css
signin.4dem.it/static/css/ 185 KB
49 KB 16ms
15ms Stylesheet
text/css 34.90.128.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://signin.4dem.it/static/css/app.c29c1b134c094bb390925658bdca4c98.css
Requested by: Host: signin.4dem.it
URL: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.90.128.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 196.128.90.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 5a37aab6965e637fab2904d3955398b17ee4cfbc24b4134edf40b7c363ee2163

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 09:12:36 GMT
content-encoding: gzip
last-modified: Wed, 08 Apr 2020 12:24:17 GMT
server: envoy
vary: Accept-Encoding
content-type: text/css
x-envoy-upstream-service-time: 0
accept-ranges: bytes
transfer-encoding: chunked

GET
H/1.1 200
OK manifest.2ae2e69a05c33dfc65f8.js Show response
signin.4dem.it/static/js/ 857 B
904 B 46ms
16ms Script
application/javascript 34.90.128.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://signin.4dem.it/static/js/manifest.2ae2e69a05c33dfc65f8.js
Requested by: Host: signin.4dem.it
URL: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.90.128.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 196.128.90.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: d414b80e539a45c4c5b318d37543f524d2cfcc69c92256879afb2f1dd980fdd1

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 09:12:36 GMT
content-encoding: gzip
last-modified: Wed, 08 Apr 2020 12:24:17 GMT
server: envoy
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 0
accept-ranges: bytes
transfer-encoding: chunked

GET
H/1.1 200
OK vendor.7d719a4d90e437b1b485.js Show response
signin.4dem.it/static/js/ 519 KB
211 KB 48ms
17ms Script
application/javascript 34.90.128.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://signin.4dem.it/static/js/vendor.7d719a4d90e437b1b485.js
Requested by: Host: signin.4dem.it
URL: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.90.128.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 196.128.90.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 042eed323d67042375a0ab2efeae0b4c16a6009846ec4fa00e6c673932fb5627

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 09:12:36 GMT
content-encoding: gzip
last-modified: Wed, 08 Apr 2020 12:24:17 GMT
server: envoy
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 1
accept-ranges: bytes
transfer-encoding: chunked

GET
H/1.1 200
OK app.ae49cc56a7bbf76834bb.js Show response
signin.4dem.it/static/js/ 86 KB
51 KB 47ms
15ms Script
application/javascript 34.90.128.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://signin.4dem.it/static/js/app.ae49cc56a7bbf76834bb.js
Requested by: Host: signin.4dem.it
URL: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.90.128.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 196.128.90.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: ebf83a31a64e81765fb72da4f132cb603e892dec037cae65f3c68101b3d79c9a

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 09:12:36 GMT
content-encoding: gzip
last-modified: Wed, 08 Apr 2020 12:24:17 GMT
server: envoy
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 0
accept-ranges: bytes
transfer-encoding: chunked

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 150 KB
49 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NN784H8

Requested by

Host: signin.4dem.it
URL: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e7b9f6cd430f700ef5454e140dc526f380e42216dedb996274e1905ad1547aa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 09:12:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49625
x-xss-protection: 0
expires: Wed, 09 Dec 2020 09:12:37 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
51 KB 64ms
49ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WV99JKKF7E&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN784H8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b1075ffd541d87e70a4c922c4e857166382eba1a1eac22813d072754125b949

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 09:12:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52277
x-xss-protection: 0
expires: Wed, 09 Dec 2020 09:12:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN784H8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 1367
date: Wed, 09 Dec 2020 08:49:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 09 Dec 2020 10:49:50 GMT

GET
H2 200 hotjar-1693701.js Show response
static.hotjar.com/c/ 4 KB
2 KB 35ms
35ms Script
application/javascript 65.9.73.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1693701.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN784H8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.73.2 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a810781c3b6a17e99198558fcfd832b9387cee77569b15e0caba327357bd7434

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 09:12:37 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: AMS1-C1
etag: W/1d85e073b68c8f189332f564a466bb08
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1694
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
x-amz-cf-id: 8TXL_Hzs7SUJ6AREnUdkG3xhK2GXORdKSORksGwnVAFbvv-WrJ5qfA==

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 965 B
760 B 40ms
17ms Script
application/x-javascript 2a02:26f0:eb:386::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN784H8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:386::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Dec 2020 09:12:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=8799
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 89 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: signin.4dem.it
URL: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23320
x-xss-protection: 0
pragma: public
x-fb-debug: 3GY0bX+q75bcUlawKjGaF5Isjcax+FICKypr0NdNj0fVuZjKy3WCLMUpnvB2TEoay3F6rw1QulQv6rkzVAdISQ==
x-fb-trip-id: 603378373
x-frame-options: DENY
date: Wed, 09 Dec 2020 09:12:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 54ms
45ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-90753174-3

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN784H8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4cfdada49e2f5e724b9cb0d379e4c3f7ac8fb3fa0e42713be22414c313e96e12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 09:12:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38976
x-xss-protection: 0
expires: Wed, 09 Dec 2020 09:12:37 GMT

OPTIONS
H/1.1 204
No Content configs
sysapi.4dem.it/clients/ Frame 0
0 65ms
18ms Other 34.90.128.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sysapi.4dem.it/clients/configs

Protocol

HTTP/1.1

Server

34.90.128.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

196.128.90.34.bc.googleusercontent.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-integrationapikey
Origin: https://signin.4dem.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: envoy
date: Wed, 09 Dec 2020 09:12:36 GMT
content-length: 0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://signin.4dem.it
vary: Origin, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: x-integrationapikey
x-envoy-upstream-service-time: 2

GET
H/1.1 200
OK configs Show response
sysapi.4dem.it/clients/ 2 KB
2 KB 55ms
22ms XHR
application/json 34.90.128.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sysapi.4dem.it/clients/configs

Requested by

Host: signin.4dem.it
URL: https://signin.4dem.it/static/js/vendor.7d719a4d90e437b1b485.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.90.128.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

196.128.90.34.bc.googleusercontent.com

Software

envoy /

Resource Hash

282be66813bf8c97f0e3b669cb91dbf698ce870f3c52b072342e218c4239b1c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
X-IntegrationApiKey: CWzyyYW0C4qvC2vg81zET0gXVPoRs6o8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 09:12:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
transfer-encoding: chunked
x-envoy-upstream-service-time: 7
x-dns-prefetch-control: off
vary: Origin, Accept-Encoding
x-xss-protection: 1; mode=block
server: envoy
x-frame-options: SAMEORIGIN
etag: W/"93a-OzLq/nt7U1kx3GyNtXWP5uLLmAs"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: https://signin.4dem.it
access-control-allow-credentials: true

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
65 B 13ms
13ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=492685775&t=pageview&_s=1&dl=https%3A%2F%2Fsignin.4dem.it%2F%3Fredirect%3Dhttps%3A%2F%2Fmailchef.4dem.it%2Fapp%2Fuser%2F&ul=en-us&de=UTF-8&dt=Login%20-%20Entra%20in%204Dem%20con%20un%20click&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=415794680&gjid=2045942520&cid=139905950.1607505157&tid=UA-55253002-1&_gid=1920583806.1607505157&_r=1&gtm=2wgbu0NN784H8&z=361960572

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 09:12:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://signin.4dem.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 586792675076844 Show response
connect.facebook.net/signals/config/ 238 KB
69 KB 43ms
42ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/586792675076844?v=2.9.29&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cd0d3753d4fd41b4f1f7ee2334c1fd3b8e989f7b1e2aee0bf1b44d3fa2214a0f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: HCQvgV9M1uZljAeDA+xvf6HyDPpnrUqIg5pNEgZvawynDAyj0U8BgSV3fTx+qAFHto4J62QuT9+PVxjYY3IqQA==
x-fb-trip-id: 603378373
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 09 Dec 2020 09:12:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1606264557
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.e8f2fe812b29ca995bc0.js Show response
script.hotjar.com/ 221 KB
58 KB 14ms
14ms Script
application/javascript 65.9.73.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e8f2fe812b29ca995bc0.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1693701.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.73.19 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3492bc139bf82bffa8725924455949cb36628db1491158107197f4f4829eeebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 18:02:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54634
x-cache: Hit from cloudfront
content-length: 59096
access-control-allow-origin: *
last-modified: Tue, 08 Dec 2020 17:58:32 GMT
etag: "13bf5c27d17b565cc3a6362a1a1be90f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 3D5NErQ0plAybIGbdYE1g-wpNQ4DTmD5dDr6r5FjLZk9k6UEIpIVuA==

GET
H/1.1 200
OK insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 43ms
43ms Script
application/x-javascript 2a02:26f0:eb:386::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:386::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Dec 2020 09:12:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Sep 2020 20:29:41 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=13427
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-55253002-1&cid=139905950.1607505157&jid=415794680&gjid=2045942520&_gid=1920583806.1607505157&_u=YEBAAEAAAAAAAC~&z=2119058750

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 09 Dec 2020 09:12:37 GMT
content-type: text/plain
access-control-allow-origin: https://signin.4dem.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 19ms
18ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-55253002-1&cid=139905950.1607505157&jid=415794680&_u=YEBAAEAAAAAAAC~&z=1931168744

Requested by

Host: signin.4dem.it
URL: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 09:12:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 20ms
19ms Image
image/gif 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-55253002-1&cid=139905950.1607505157&jid=415794680&_u=YEBAAEAAAAAAAC~&z=1931168744

Requested by

Host: signin.4dem.it
URL: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 09:12:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
23 B 12ms
12ms Other
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-WV99JKKF7E&gtm=2oebu0&_p=492685775&sr=1600x1200&ul=en-us&cid=139905950.1607505157&_s=1&dl=https%3A%2F%2Fsignin.4dem.it%2F%3Fredirect%3Dhttps%3A%2F%2Fmailchef.4dem.it%2Fapp%2Fuser%2F&dr=&dt=Login%20-%20Entra%20in%204Dem%20con%20un%20click&sid=1607505157&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WV99JKKF7E&l=dataLayer&cx=c
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 09:12:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://signin.4dem.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=492685775&t=pageview&_s=1&dl=https%3A%2F%2Fsignin.4dem.it%2F%3Fredirect%3Dhttps%3A%2F%2Fmailchef.4dem.it%2Fapp%2Fuser%2F&ul=en-us&de=UTF-8&dt=Login%20-%20Entra%20in%204Dem%20con%20un%20click&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1043915738&gjid=36076324&cid=139905950.1607505157&tid=UA-90753174-3&_gid=1920583806.1607505157&_r=1&gtm=2oubu0&z=2132107281

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 09:12:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://signin.4dem.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 862F 0
0 16ms
16ms Document
text/html 13.224.194.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1693701.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.84 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-84.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/

Response headers

content-type: text/html
content-length: 851
date: Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: FWnqj5hUNFLEv6E-OpECQAQmcFa6nr4hbDrYxRupJALXOMFpnlwP7Q==
age: 1354294

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=268777&url=https%3A%2F%2Fsignin.4dem.it%2F%3Fredirect%3Dhttps%3A%2F%2Fmailchef.4dem.it%2Fapp%2Fuser%2F%23%2F&time=1607505157293
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D268777%26url%3Dhttps%253A%252F%252Fsignin.4dem.it%252F%253Fredirect%253Dhttps%253...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=268777&url=https%3A%2F%2Fsignin.4dem.it%2F%3Fredirect%3Dhttps%3A%2F%2Fmailchef.4dem.it%2Fapp%2Fuser%2F%23%2F&time=1607505157293&liSync=true

0
57 B

126ms
126ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=268777&url=https%3A%2F%2Fsignin.4dem.it%2F%3Fredirect%3Dhttps%3A%2F%2Fmailchef.4dem.it%2Fapp%2Fuser%2F%23%2F&time=1607505157293&liSync=true
Requested by: Host: signin.4dem.it
URL: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 09:12:37 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: sxztg2wBTxZgH0yqqysAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: 28yQf2wBTxZABwylvSoAAA==
pragma: no-cache
x-li-pop: afd-prod-lva1
x-msedge-ref: Ref A: 06EB1FBC0732420B948ECB3F59DEAB87 Ref B: FRAEDGE1119 Ref C: 2020-12-09T09:12:37Z
x-frame-options: sameorigin
date: Wed, 09 Dec 2020 09:12:37 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=268777&url=https%3A%2F%2Fsignin.4dem.it%2F%3Fredirect%3Dhttps%3A%2F%2Fmailchef.4dem.it%2Fapp%2Fuser%2F%23%2F&time=1607505157293&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=586792675076844&ev=PageView&dl=https%3A%2F%2Fsignin.4dem.it%2F%3Fredirect%3Dhttps%3A%2F%2Fmailchef.4dem.it%2Fapp%2Fuser%2F%23%2F&rl=&if=false&ts=1607505157319&sw=1600&sh=1200&v=2.9.29&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1607505157318.1772538416&it=1607505157222&coo=false&rqm=GET

Requested by

Host: signin.4dem.it
URL: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 09:12:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 09 Dec 2020 09:12:37 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1693701/ 178 B
321 B 95ms
34ms XHR
application/json 34.240.31.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1693701/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e8f2fe812b29ca995bc0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.31.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-31-203.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 09 Dec 2020 09:12:37 GMT
content-encoding: br
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json

OPTIONS
H/1.1 204
No Content me
sysapi.4dem.it/user/ Frame 0
0 18ms
18ms Other 34.90.128.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sysapi.4dem.it/user/me

Protocol

HTTP/1.1

Server

34.90.128.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

196.128.90.34.bc.googleusercontent.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-integrationapikey
Origin: https://signin.4dem.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: envoy
date: Wed, 09 Dec 2020 09:12:37 GMT
content-length: 0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://signin.4dem.it
vary: Origin, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: x-integrationapikey
x-envoy-upstream-service-time: 2

GET
H/1.1 403
Forbidden me Show response
sysapi.4dem.it/user/ 23 B
697 B 27ms
27ms XHR
application/json 34.90.128.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sysapi.4dem.it/user/me

Requested by

Host: signin.4dem.it
URL: https://signin.4dem.it/static/js/vendor.7d719a4d90e437b1b485.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.90.128.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

196.128.90.34.bc.googleusercontent.com

Software

envoy /

Resource Hash

12a22880bc2e59f8278b4a5e547567f0aa14d020ea456598267fa00208cfebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
X-IntegrationApiKey: CWzyyYW0C4qvC2vg81zET0gXVPoRs6o8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 09:12:36 GMT
x-content-type-options: nosniff
surrogate-control: no-store
x-dns-prefetch-control: off
x-envoy-upstream-service-time: 11
vary: Origin
content-length: 23
x-xss-protection: 1; mode=block
pragma: no-cache
server: envoy
x-frame-options: SAMEORIGIN
etag: W/"17-bqIm6pxC4cx+ZoszvXxsClwgWw8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: https://signin.4dem.it
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2 200 img_signin.jpg
4img.it/4Dem/prodotto/ 214 KB
215 KB 71ms
16ms Image
image/jpeg 35.204.226.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4img.it/4Dem/prodotto/img_signin.jpg

Requested by

Host: signin.4dem.it
URL: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.226.230 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

230.226.204.35.bc.googleusercontent.com

Software

nginx/1.15.3 /

Resource Hash

7fcc89dbaf7918c7a8fb493005ca049cc38807a3611ba1ed830069a99f5676b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 09:12:37 GMT
last-modified: Wed, 08 Apr 2020 10:36:54 GMT
server: nginx/1.15.3
age: 2280
etag: "fdeeaf16d2448f6b66bf4894909ad78e"
x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
cache-control: max-age=86400, public
content-length: 219185
expires: Thu, 10 Dec 2020 09:12:37 GMT

GET
H/1.1 200
OK Poppins-Regular.731a28a.ttf
signin.4dem.it/static/fonts/ 142 KB
142 KB 16ms
15ms Font
application/octet-stream 34.90.128.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://signin.4dem.it/static/fonts/Poppins-Regular.731a28a.ttf
Requested by: Host: signin.4dem.it
URL: https://signin.4dem.it/static/css/app.c29c1b134c094bb390925658bdca4c98.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.90.128.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 196.128.90.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 2425ebbc021bfdd18fe55edbeeb1539d22a217212c14430a7d4d75266a333bbc

Request headers

Origin: https://signin.4dem.it
Referer: https://signin.4dem.it/static/css/app.c29c1b134c094bb390925658bdca4c98.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 09:12:37 GMT
last-modified: Wed, 08 Apr 2020 12:24:17 GMT
server: envoy
etag: "5e8dc271-237a0"
content-type: application/octet-stream
x-envoy-upstream-service-time: 0
accept-ranges: bytes
content-length: 145312

GET
H/1.1 200
OK Poppins-Light.3352653.ttf
signin.4dem.it/static/fonts/ 143 KB
143 KB 16ms
16ms Font
application/octet-stream 34.90.128.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://signin.4dem.it/static/fonts/Poppins-Light.3352653.ttf
Requested by: Host: signin.4dem.it
URL: https://signin.4dem.it/static/css/app.c29c1b134c094bb390925658bdca4c98.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.90.128.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 196.128.90.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 7f15d9a49bc6ca8b49ac995bbc36065b4bab0ed9f6d394a4c49d8f9ac85672c2

Request headers

Origin: https://signin.4dem.it
Referer: https://signin.4dem.it/static/css/app.c29c1b134c094bb390925658bdca4c98.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 09:12:37 GMT
last-modified: Wed, 08 Apr 2020 12:24:17 GMT
server: envoy
etag: "5e8dc271-23c28"
content-type: application/octet-stream
x-envoy-upstream-service-time: 0
accept-ranges: bytes
content-length: 146472

GET
H/1.1 200
OK Roboto-Regular.3e1af3e.ttf
signin.4dem.it/static/fonts/ 168 KB
168 KB 17ms
16ms Font
application/octet-stream 34.90.128.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://signin.4dem.it/static/fonts/Roboto-Regular.3e1af3e.ttf
Requested by: Host: signin.4dem.it
URL: https://signin.4dem.it/static/css/app.c29c1b134c094bb390925658bdca4c98.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.90.128.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 196.128.90.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95

Request headers

Origin: https://signin.4dem.it
Referer: https://signin.4dem.it/static/css/app.c29c1b134c094bb390925658bdca4c98.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 09:12:37 GMT
last-modified: Wed, 08 Apr 2020 12:24:17 GMT
server: envoy
etag: "5e8dc271-29e9c"
content-type: application/octet-stream
x-envoy-upstream-service-time: 0
accept-ranges: bytes
content-length: 171676

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 684d9c5f33b11d084aab399d576b8c9188aec29e2518c0f6c6ec1f7a139269bf

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b355c9c547d0ad9557c5c64f809729b170cb05db397f027b9b7e9da9b0aefad

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70e567e32fd6629364ad248a0710f428cb3176cd18f395013bd9e2b98b66c169

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f796e79fe9543bf915c7443f458a36fcf16d27847e0f141269c5cacadb1740a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK ajax-loading.1ac6a3f.gif
signin.4dem.it/static/img/ 45 KB
45 KB 16ms
16ms Image
image/gif 34.90.128.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://signin.4dem.it/static/img/ajax-loading.1ac6a3f.gif
Requested by: Host: signin.4dem.it
URL: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.90.128.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 196.128.90.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 24c5aa39e00100099df24ff11e7cffe5c6b3702a9a30b114f8f5638ce5ff613a

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 09:12:37 GMT
last-modified: Wed, 08 Apr 2020 12:24:17 GMT
server: envoy
etag: "5e8dc271-b218"
content-type: image/gif
x-envoy-upstream-service-time: 0
accept-ranges: bytes
content-length: 45592

GET
H2 200 / Show response
beacon-v2.helpscout.net/ 293 B
653 B 34ms
10ms Script
application/javascript 143.204.215.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon-v2.helpscout.net/
Requested by: Host: signin.4dem.it
URL: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-36.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2911cba4f47d5b34f284828bd3dc7f1a5122767b22e26ff59d64ccedbb72aa5f

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 09:11:35 GMT
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
last-modified: Thu, 12 Nov 2020 17:48:34 GMT
server: AmazonS3
age: 63
etag: "e2bd43b564704f2d93dc348e50f0b3f6"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=120, s-maxage=120, public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 293
x-amz-cf-id: mJ_A_0cW-JcyByc5or5QRzb8vzKWcaQfAI9jfkMBUcq-q27vAxqYxw==

GET
H2 200 vendor.0ea8cd5f.js Show response
beacon-v2.helpscout.net/static/js/ 673 KB
186 KB 9ms
9ms Script
application/javascript 143.204.215.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon-v2.helpscout.net/static/js/vendor.0ea8cd5f.js
Requested by: Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-36.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e418575230d2ac4858a236aaccf861f7fd08487d50ee9bdd7e0bfc4921b9354b

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 08:43:52 GMT
content-encoding: gzip
last-modified: Thu, 12 Nov 2020 17:48:35 GMT
server: AmazonS3
age: 1726
etag: "58a76b67f0174bfeb25b9aee104d2b49"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
cache-control: max-age=315360000, s-maxage=7200, public
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: WhnYJaNKhow9z1MKa1oV3-OuxVMwDloLvNOTwUEpHzEDPYL6gAAPHw==

GET
H2 200 main.3cfae3d4.js Show response
beacon-v2.helpscout.net/static/js/ 344 KB
73 KB 9ms
9ms Script
application/javascript 143.204.215.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon-v2.helpscout.net/static/js/main.3cfae3d4.js
Requested by: Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-36.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 62d7848db948c72a252c9b197fa3d0a0f17512addf288ac7f9e0616ca707dfbe

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 08:19:48 GMT
content-encoding: gzip
last-modified: Thu, 12 Nov 2020 17:48:35 GMT
server: AmazonS3
age: 3170
etag: "40a01bfccd2084c09cf3e313006c2ea7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
cache-control: max-age=315360000, s-maxage=7200, public
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: WnBRhjR5mEL5fS_SIu79PBPtSLIort2OENto-ScRr7akwojy54G9qg==

GET
H2 200 4006e65c-857f-4590-b54c-01e421c2c0dd Show response
d3hb14vkzrxvla.cloudfront.net/v1/ 6 KB
7 KB 102ms
102ms XHR
application/json 65.9.76.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3hb14vkzrxvla.cloudfront.net/v1/4006e65c-857f-4590-b54c-01e421c2c0dd

Requested by

Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/static/js/vendor.0ea8cd5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.76.184 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e1f6868f87ff815d6abc2fdf42f770dde84224f5612f5ed10ca415a4f41d8e43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

correlationId: 52aab8fe-86ea-4b20-a50b-a8aa14e5db5d
Accept: application/json, text/plain, */*
Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
Helpscout-Release: 2.1.70
Beacon-Device-ID: 8429f24a-b887-4456-a639-b8b1aa77dcfa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Helpscout-Origin: Beacon-Embed

Response headers

date: Wed, 09 Dec 2020 09:12:38 GMT
via: 1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-ratelimit-remaining-general-minute: 150
x-cache: Miss from cloudfront
x-ratelimit-remaining-identify-hour: 50
x-ratelimit-limit-general-minute: 150
x-ratelimit-remaining-conversations-hour: 25
x-ratelimit-limit-identify-hour: 50
x-ratelimit-remaining-chat-tokens-hour: 50
x-ratelimit-limit-conversations-hour: 25
vary: Origin,Access-Control-Request-Method
strict-transport-security: max-age=31536000; includeSubDomains
x-ratelimit-remaining-attachments-hour: 25
access-control-allow-origin: https://signin.4dem.it
access-control-expose-headers: Resource-ID
cache-control: max-age=300
access-control-allow-credentials: true
content-type: application/json
x-amz-cf-id: wOtLtEw3GFXUx1CUuCBln9Km80j-8xGhv2Sna4XS6j4hG8XMr_3XEA==
x-ratelimit-limit-attachments-hour: 25
x-ratelimit-limit-chat-tokens-hour: 50

OPTIONS
H2 200 4006e65c-857f-4590-b54c-01e421c2c0dd
d3hb14vkzrxvla.cloudfront.net/v1/ Frame 0
0 139ms
100ms Other 65.9.76.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3hb14vkzrxvla.cloudfront.net/v1/4006e65c-857f-4590-b54c-01e421c2c0dd

Protocol

Server

65.9.76.184 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: beacon-device-id,correlationid,helpscout-origin,helpscout-release
Origin: https://signin.4dem.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Wed, 09 Dec 2020 09:12:37 GMT
access-control-allow-origin: https://signin.4dem.it
access-control-allow-methods: GET
access-control-allow-headers: beacon-device-id, correlationid, helpscout-origin, helpscout-release
access-control-allow-credentials: true
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
x-ratelimit-limit-conversations-hour: 25
x-ratelimit-remaining-conversations-hour: 25
x-ratelimit-limit-identify-hour: 50
x-ratelimit-remaining-identify-hour: 50
x-ratelimit-limit-chat-tokens-hour: 50
x-ratelimit-remaining-chat-tokens-hour: 50
x-ratelimit-limit-general-minute: 150
x-ratelimit-remaining-general-minute: 150
x-ratelimit-limit-attachments-hour: 25
x-ratelimit-remaining-attachments-hour: 25
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: Ra42Nj9J9kKhb8IFUIgjbR1qEw7GAv9YMJ4oaFFWM942qShLr_SGmQ==

GET
H2 200 agents Show response
d3hb14vkzrxvla.cloudfront.net/v1/4006e65c-857f-4590-b54c-01e421c2c0dd/ 119 B
837 B 102ms
101ms XHR
application/json 65.9.76.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3hb14vkzrxvla.cloudfront.net/v1/4006e65c-857f-4590-b54c-01e421c2c0dd/agents

Requested by

Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/static/js/vendor.0ea8cd5f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.76.184 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

692c273067b2eb7a51a10dd434b164961884db8695c51c6940729ea3c84c19ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

correlationId: ea5bd98d-d9d2-4828-a079-ef5abdabf96f
Accept: application/json, text/plain, */*
Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
Helpscout-Release: 2.1.70
Beacon-Device-ID: 8429f24a-b887-4456-a639-b8b1aa77dcfa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Helpscout-Origin: Beacon-Embed

Response headers

date: Wed, 09 Dec 2020 09:12:38 GMT
via: 1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-ratelimit-remaining-general-minute: 150
x-cache: Miss from cloudfront
x-ratelimit-remaining-identify-hour: 50
x-ratelimit-limit-general-minute: 150
x-ratelimit-remaining-conversations-hour: 25
x-ratelimit-limit-identify-hour: 50
x-ratelimit-remaining-chat-tokens-hour: 50
x-ratelimit-limit-conversations-hour: 25
vary: Origin,Access-Control-Request-Method
strict-transport-security: max-age=31536000; includeSubDomains
x-ratelimit-remaining-attachments-hour: 25
access-control-allow-origin: https://signin.4dem.it
access-control-expose-headers: Resource-ID
cache-control: max-age=600
access-control-allow-credentials: true
content-type: application/json
x-amz-cf-id: p2vGX4u3ZUQXDzgvjlbBDhfANzdS0D-akuakTjCDJj_xjLwfkPGLtw==
x-ratelimit-limit-attachments-hour: 25
x-ratelimit-limit-chat-tokens-hour: 50

OPTIONS
H2 200 agents
d3hb14vkzrxvla.cloudfront.net/v1/4006e65c-857f-4590-b54c-01e421c2c0dd/ Frame 0
0 103ms
102ms Other 65.9.76.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3hb14vkzrxvla.cloudfront.net/v1/4006e65c-857f-4590-b54c-01e421c2c0dd/agents

Protocol

Server

65.9.76.184 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: beacon-device-id,correlationid,helpscout-origin,helpscout-release
Origin: https://signin.4dem.it
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Wed, 09 Dec 2020 09:12:38 GMT
access-control-allow-origin: https://signin.4dem.it
access-control-allow-methods: GET
access-control-allow-headers: beacon-device-id, correlationid, helpscout-origin, helpscout-release
access-control-expose-headers: Resource-ID
access-control-allow-credentials: true
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
x-ratelimit-limit-conversations-hour: 25
x-ratelimit-remaining-conversations-hour: 25
x-ratelimit-limit-identify-hour: 50
x-ratelimit-remaining-identify-hour: 50
x-ratelimit-limit-chat-tokens-hour: 50
x-ratelimit-remaining-chat-tokens-hour: 50
x-ratelimit-limit-general-minute: 150
x-ratelimit-remaining-general-minute: 150
x-ratelimit-limit-attachments-hour: 25
x-ratelimit-remaining-attachments-hour: 25
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: p4_q565wF8aer9z4ksBuHap83edlH3JGl1cFwe6NcidgJ5b7iu7UKw==

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=586792675076844&ev=Microdata&dl=https%3A%2F%2Fsignin.4dem.it%2F%3Fredirect%3Dhttps%3A%2F%2Fmailchef.4dem.it%2Fapp%2Fuser%2F%23%2F&rl=&if=false&ts=1607505158845&cd[Da...
https://cx.atdmt.com/?c=4739706913419166259&f=AYzTvy23A5PmO3NsYJ9NJF50xvFl6XN3C_umB1yR9kMuIGyu3I-PdFWr5NzMYma-vW27DUB9hbXH9-V_BIEjF7uX&id=586792675076844&l=3&v=0

43 B
628 B

39ms
25ms

Image
image/gif

2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cx.atdmt.com/?c=4739706913419166259&f=AYzTvy23A5PmO3NsYJ9NJF50xvFl6XN3C_umB1yR9kMuIGyu3I-PdFWr5NzMYma-vW27DUB9hbXH9-V_BIEjF7uX&id=586792675076844&l=3&v=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8004:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
x-fb-debug: +/oXjl2PV9Whs4nv4UBR1v+q8CEzpdHlZAGN77mepGEtzkThRK/PIDopjl1lULh/4j+tAGPRaY/OsHqhIO2wvQ==
content-encoding: br
x-content-type-options: nosniff
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 09 Dec 2020 01:12:38 PST
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
expires: Wed, 09 Dec 2020 01:12:38 PST

Redirect headers

pragma: no-cache
date: Wed, 09 Dec 2020 09:12:38 GMT
server: proxygen-bolt
content-type: text/plain
location: https://cx.atdmt.com/?c=4739706913419166259&f=AYzTvy23A5PmO3NsYJ9NJF50xvFl6XN3C_umB1yR9kMuIGyu3I-PdFWr5NzMYma-vW27DUB9hbXH9-V_BIEjF7uX&id=586792675076844&l=3&v=0
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
expires: 0

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
44 B 13ms
12ms Other
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-WV99JKKF7E&gtm=2oebu0&_p=492685775&sr=1600x1200&ul=en-us&cid=139905950.1607505157&_s=2&dl=https%3A%2F%2Fsignin.4dem.it%2F%3Fredirect%3Dhttps%3A%2F%2Fmailchef.4dem.it%2Fapp%2Fuser%2F&dr=&dt=Login%20-%20Entra%20in%204Dem%20con%20un%20click&sid=1607505157&sct=1&seg=0&en=scroll&_et=441&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WV99JKKF7E&l=dataLayer&cx=c
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://signin.4dem.it/?redirect=https://mailchef.4dem.it/app/user/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 09 Dec 2020 09:12:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://signin.4dem.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.4dem.it/	1970-01-19 16:41:21	Name: _fbp Value: fb.1.1607505157318.1772538416
.4dem.it/	1970-01-20 08:02:57	Name: _ga_WV99JKKF7E Value: GS1.1.1607505157.1.0.1607505157.0
.4dem.it/	1970-01-19 23:17:21	Name: _hjid Value: 3a38cb8b-9ebe-4591-ae93-4805005ede29
.4dem.it/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.4dem.it/	1970-01-20 08:02:57	Name: _ga Value: GA1.2.139905950.1607505157
signin.4dem.it/	1970-01-19 14:31:45	Name: _hjIncludedInPageviewSample Value: 1
.4dem.it/	1970-01-19 14:31:45	Name: _gat_gtag_UA_90753174_3 Value: 1
.4dem.it/	1970-01-19 14:31:46	Name: _hjFirstSeen Value: 1
.4dem.it/	1970-01-19 14:31:45	Name: _gat_UA-55253002-1 Value: 1
.4dem.it/	1970-01-19 23:17:21	Name: 4demredirect Value: https://mailchef.4dem.it/app/user/
.4dem.it/	1970-01-19 14:33:11	Name: _gid Value: GA1.2.1920583806.1607505157
.4dem.it/	1970-01-19 14:31:46	Name: _hjAbsoluteSessionInProgress Value: 0
.4dem.it/	1970-01-19 16:41:21	Name: _gcl_au Value: 1.1.6933666.1607505157

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4img.it
beacon-v2.helpscout.net
connect.facebook.net
cx.atdmt.com
d3hb14vkzrxvla.cloudfront.net
in.hotjar.com
mailchef.4dem.it
px.ads.linkedin.com
script.hotjar.com
signin.4dem.it
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
sysapi.4dem.it
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
13.224.194.84
143.204.215.36
2620:1ec:21::14
2a00:1450:4001:802::2004
2a00:1450:4001:817::2008
2a00:1450:4001:820::2003
2a00:1450:4001:824::200e
2a00:1450:400c:c09::9b
2a02:26f0:eb:386::25ea
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:10:101::b93f:9105
34.240.31.203
34.90.128.196
35.204.226.230
65.9.73.19
65.9.73.2
65.9.76.184
042eed323d67042375a0ab2efeae0b4c16a6009846ec4fa00e6c673932fb5627
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12a22880bc2e59f8278b4a5e547567f0aa14d020ea456598267fa00208cfebc5
2425ebbc021bfdd18fe55edbeeb1539d22a217212c14430a7d4d75266a333bbc
24c5aa39e00100099df24ff11e7cffe5c6b3702a9a30b114f8f5638ce5ff613a
282be66813bf8c97f0e3b669cb91dbf698ce870f3c52b072342e218c4239b1c4
2911cba4f47d5b34f284828bd3dc7f1a5122767b22e26ff59d64ccedbb72aa5f
3492bc139bf82bffa8725924455949cb36628db1491158107197f4f4829eeebb
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
4cfdada49e2f5e724b9cb0d379e4c3f7ac8fb3fa0e42713be22414c313e96e12
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a37aab6965e637fab2904d3955398b17ee4cfbc24b4134edf40b7c363ee2163
5f796e79fe9543bf915c7443f458a36fcf16d27847e0f141269c5cacadb1740a
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
62d7848db948c72a252c9b197fa3d0a0f17512addf288ac7f9e0616ca707dfbe
684d9c5f33b11d084aab399d576b8c9188aec29e2518c0f6c6ec1f7a139269bf
692c273067b2eb7a51a10dd434b164961884db8695c51c6940729ea3c84c19ec
6b1075ffd541d87e70a4c922c4e857166382eba1a1eac22813d072754125b949
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70e567e32fd6629364ad248a0710f428cb3176cd18f395013bd9e2b98b66c169
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95
7b355c9c547d0ad9557c5c64f809729b170cb05db397f027b9b7e9da9b0aefad
7f15d9a49bc6ca8b49ac995bbc36065b4bab0ed9f6d394a4c49d8f9ac85672c2
7fcc89dbaf7918c7a8fb493005ca049cc38807a3611ba1ed830069a99f5676b1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
a810781c3b6a17e99198558fcfd832b9387cee77569b15e0caba327357bd7434
ba2ca02f0b414f6ba248858361ae32feb66d9035f099e25ad18ce8e4e3cc2371
cd0d3753d4fd41b4f1f7ee2334c1fd3b8e989f7b1e2aee0bf1b44d3fa2214a0f
d414b80e539a45c4c5b318d37543f524d2cfcc69c92256879afb2f1dd980fdd1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1f6868f87ff815d6abc2fdf42f770dde84224f5612f5ed10ca415a4f41d8e43
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e418575230d2ac4858a236aaccf861f7fd08487d50ee9bdd7e0bfc4921b9354b
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e7b9f6cd430f700ef5454e140dc526f380e42216dedb996274e1905ad1547aa0
ebf83a31a64e81765fb72da4f132cb603e892dec037cae65f3c68101b3d79c9a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

signin.4dem.it Open in urlscan Pro 34.90.128.196 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

100 %HTTPS

58 %IPv6

15 Domains

21 Subdomains

19 IPs

5 Countries

1610 kBTransfer

3525 kBSize

13 Cookies

1 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

signin.4dem.it Open in urlscan Pro
34.90.128.196 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

100 %
HTTPS

58 %
IPv6

15
Domains

21
Subdomains

19
IPs

5
Countries

1610 kB
Transfer

3525 kB
Size

13
Cookies

43 HTTP transactions
4 data transactions