preproduction.login.brenntag.com Open in urlscan Pro
2606:4700::6810:605e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://auth.preprod.apps.digib.it/
Effective URL:
https://preproduction.login.brenntag.com/login?state=g6Fo2SBGUmpxSXhlbmk1NklPcnBHZDd2ZlN3c2phNEtmMGdnWKN0aWTZIDI2NUM3UmJ2Q2M3Unk1d1NnOHBB...
Submission: On November 13 via automatic, source certstream-suspicious (November 13th 2020, 1:26:05 pm UTC)

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 10 HTTP transactions. The main IP is 2606:4700::6810:605e, located in United States and belongs to CLOUDFLARENET, US. The main domain is preproduction.login.brenntag.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 3rd 2020. Valid for: a year.

This is the only time preproduction.login.brenntag.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.204.80.51 35.204.80.51	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6810:605e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
1	52.84.195.60 52.84.195.60	16509 (AMAZON-02) (AMAZON-02)
5	3.94.39.221 3.94.39.221	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.215.29 143.204.215.29	16509 (AMAZON-02) (AMAZON-02)
1	34.193.191.102 34.193.191.102	14618 (AMAZON-AES) (AMAZON-AES)
10	6

1 35.204.80.51 (Ascension Island) 1 redirects

ASN15169 (GOOGLE, US)

auth.preprod.apps.digib.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:605e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

preproduction.login.brenntag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::729 (Ascension Island)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.195.60 (Seattle, United States)

ASN16509 (AMAZON-02, US)

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.94.39.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-39-221.compute-1.amazonaws.com

wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.29 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-29.fra53.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.193.191.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	freshchat.com wchat.freshchat.com	26 KB
2	heapanalytics.com cdn.heapanalytics.com heapanalytics.com	39 KB
2	brenntag.com 1 redirects preproduction.login.brenntag.com	106 KB
1	auth0.com cdn.auth0.com	37 KB
1	sentry-cdn.com browser.sentry-cdn.com	18 KB
1	digib.it 1 redirects auth.preprod.apps.digib.it	629 B
10	6

	Domain	Requested by
5	wchat.freshchat.com	preproduction.login.brenntag.com wchat.freshchat.com
2	preproduction.login.brenntag.com	1 redirects
1	heapanalytics.com
1	cdn.heapanalytics.com	preproduction.login.brenntag.com
1	cdn.auth0.com	preproduction.login.brenntag.com
1	browser.sentry-cdn.com	preproduction.login.brenntag.com
1	auth.preprod.apps.digib.it	1 redirects
10	7

This site contains no links.

Subject Issuer	Validity	Valid
preproduction.login.brenntag.com Cloudflare Inc ECC CA-3	`2020-11-03` - `2021-11-02`	a year	crt.sh
v2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-11-12` - `2021-04-22`	5 months	crt.sh
*.auth0.com Amazon	`2020-05-23` - `2021-06-23`	a year	crt.sh
wchat.freshchat.com Amazon	`2020-06-25` - `2021-07-25`	a year	crt.sh
cdn.heapanalytics.com Amazon	`2020-09-24` - `2021-10-26`	a year	crt.sh
heapanalytics.com Amazon	`2020-01-21` - `2021-02-21`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://preproduction.login.brenntag.com/login?state=g6Fo2SBGUmpxSXhlbmk1NklPcnBHZDd2ZlN3c2phNEtmMGdnWKN0aWTZIDI2NUM3UmJ2Q2M3Unk1d1NnOHBBMGoybGpVbWMwOFp4o2NpZNkgZWdwV2F6UHNFekhUN3lqSU11UWFzRTQzSkEwa0hBclg&client=egpWazPsEzHT7yjIMuQasE43JA0kHArX&protocol=oauth2&prompt=login&redirect_uri=https%3A%2F%2Fauth.preprod.apps.digib.it%2Fredirect&app_id=unknown&response_type=code&nonce=6abf421ff8b6de7aae65fa62f10ae727&scope=openid%20email%20profile
Frame ID: 5B7213690F9FFB295850E5189F66DE06
Requests: 9 HTTP requests in this frame

Frame: https://wchat.freshchat.com/widget/?token=26dd9639-4e4c-4a8b-bbee-7fe46386a131&referrer=aHR0cHM6Ly9wcmVwcm9kdWN0aW9uLmxvZ2luLmJyZW5udGFnLmNvbQ==
Frame ID: CF39D5C2F832FF2F9085D6FA42149C07
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login | Brenntag Connect

Page URL History Show full URLs

https://auth.preprod.apps.digib.it/ HTTP 302
https://preproduction.login.brenntag.com/authorize?redirect_uri=https%3A%2F%2Fauth.preprod.apps.digib.it%2Fredirect&a... HTTP 302
https://preproduction.login.brenntag.com/login?state=g6Fo2SBGUmpxSXhlbmk1NklPcnBHZDd2ZlN3c2phNEtmMGdnWKN0aWTZIDI2NUM3... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

10
Requests

100 %
HTTPS

29 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

223 kB
Transfer

670 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://auth.preprod.apps.digib.it/ HTTP 302
https://preproduction.login.brenntag.com/authorize?redirect_uri=https%3A%2F%2Fauth.preprod.apps.digib.it%2Fredirect&app_id=unknown&prompt=login&client_id=egpWazPsEzHT7yjIMuQasE43JA0kHArX&response_type=code&nonce=6abf421ff8b6de7aae65fa62f10ae727&scope=openid%20email%20profile&state=15632b7d85b53cfb20bcdb2a7bf7c04c HTTP 302
https://preproduction.login.brenntag.com/login?state=g6Fo2SBGUmpxSXhlbmk1NklPcnBHZDd2ZlN3c2phNEtmMGdnWKN0aWTZIDI2NUM3UmJ2Q2M3Unk1d1NnOHBBMGoybGpVbWMwOFp4o2NpZNkgZWdwV2F6UHNFekhUN3lqSU11UWFzRTQzSkEwa0hBclg&client=egpWazPsEzHT7yjIMuQasE43JA0kHArX&protocol=oauth2&prompt=login&redirect_uri=https%3A%2F%2Fauth.preprod.apps.digib.it%2Fredirect&app_id=unknown&response_type=code&nonce=6abf421ff8b6de7aae65fa62f10ae727&scope=openid%20email%20profile Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
preproduction.login.brenntag.com/
Redirect Chain

https://auth.preprod.apps.digib.it/
https://preproduction.login.brenntag.com/authorize?redirect_uri=https%3A%2F%2Fauth.preprod.apps.digib.it%2Fredirect&app_id=unknown&prompt=login&client_id=egpWazPsEzHT7yjIMuQasE43JA0kHArX&response_t...
https://preproduction.login.brenntag.com/login?state=g6Fo2SBGUmpxSXhlbmk1NklPcnBHZDd2ZlN3c2phNEtmMGdnWKN0aWTZIDI2NUM3UmJ2Q2M3Unk1d1NnOHBBMGoybGpVbWMwOFp4o2NpZNkgZWdwV2F6UHNFekhUN3lqSU11UWFzRTQzSkEw...

292 KB
104 KB

89ms
88ms

Document
text/html

2606:4700::6810:605e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://preproduction.login.brenntag.com/login?state=g6Fo2SBGUmpxSXhlbmk1NklPcnBHZDd2ZlN3c2phNEtmMGdnWKN0aWTZIDI2NUM3UmJ2Q2M3Unk1d1NnOHBBMGoybGpVbWMwOFp4o2NpZNkgZWdwV2F6UHNFekhUN3lqSU11UWFzRTQzSkEwa0hBclg&client=egpWazPsEzHT7yjIMuQasE43JA0kHArX&protocol=oauth2&prompt=login&redirect_uri=https%3A%2F%2Fauth.preprod.apps.digib.it%2Fredirect&app_id=unknown&response_type=code&nonce=6abf421ff8b6de7aae65fa62f10ae727&scope=openid%20email%20profile

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:605e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dff5f154326e03420c5605401669da135d895aafed6e19f9bebcd684249a7b3a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: preproduction.login.brenntag.com
:scheme: https
:path: /login?state=g6Fo2SBGUmpxSXhlbmk1NklPcnBHZDd2ZlN3c2phNEtmMGdnWKN0aWTZIDI2NUM3UmJ2Q2M3Unk1d1NnOHBBMGoybGpVbWMwOFp4o2NpZNkgZWdwV2F6UHNFekhUN3lqSU11UWFzRTQzSkEwa0hBclg&client=egpWazPsEzHT7yjIMuQasE43JA0kHArX&protocol=oauth2&prompt=login&redirect_uri=https%3A%2F%2Fauth.preprod.apps.digib.it%2Fredirect&app_id=unknown&response_type=code&nonce=6abf421ff8b6de7aae65fa62f10ae727&scope=openid%20email%20profile
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=df31e84c44778152cf701c90a4f2fb9a01605273948; did=s%3Av0%3Abe4c57a0-25b3-11eb-9c6c-e7b831851574.oTIGxxozaqtnjxx6teAJU4EWrkX4m2TJltpdfQDv1TI; auth0=s%3AJsUoHWQiV540bT1SWfR_UhITTPJgpLOQ.EI%2FOTkKPwPfeZMGLL9w1Seuu4fjjFTAMy6NQHpW4Uuw; did_compat=s%3Av0%3Abe4c57a0-25b3-11eb-9c6c-e7b831851574.oTIGxxozaqtnjxx6teAJU4EWrkX4m2TJltpdfQDv1TI; auth0_compat=s%3AJsUoHWQiV540bT1SWfR_UhITTPJgpLOQ.EI%2FOTkKPwPfeZMGLL9w1Seuu4fjjFTAMy6NQHpW4Uuw; __cf_bm=7c71c401a2257117e036f05523cbea146386febf-1605273948-1800-AcsNKhsgiQLivUY7uyCVu3PGfdpPXP9Bqza29ZwaMM2IhIib4oD2jSu1+G6XVxunx/LZrqKua6RjV+l20WPqhgA=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 13 Nov 2020 13:25:48 GMT
content-type: text/html; charset=utf-8
cf-ray: 5f18d223bc5cd6fd-FRA
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
content-encoding: gzip
etag: W/"49147-64zlKdWeW7T14pj1YfrvKuMfklw"
set-cookie: _csrf=_zYVj4y1Xdmx-yR0xVZQ1Wlu; Max-Age=864000; Path=/usernamepassword/login; HttpOnly; Secure __cf_bm=31f3a8b6b31168edd172af6ed27d42850b9ca15a-1605273948-1800-AVz3JGB3ipJ/64vnwaOJhr4+QHcMR/rVY58gWLHrjqj5SRBPLgMclNn0V2910CsCt2kYOl3pPouq6obe0oRD35Q=; path=/; expires=Fri, 13-Nov-20 13:55:48 GMT; domain=.preproduction.login.brenntag.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 066361aa4f0000d6fd122b9000000001
content-security-policy: frame-ancestors 'none'
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id: 5f18d223bc5cd6fd
ot-tracer-sampled: true
ot-tracer-spanid: 510756d94c9376d3
ot-tracer-traceid: 71de32995973594d
referrer-policy: same-origin
x-auth0-requestid: 3516e04f0acc8c48a40e
x-content-type-options: nosniff
x-frame-options: deny
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1605273949
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
server: cloudflare

Redirect headers

status: 302
date: Fri, 13 Nov 2020 13:25:48 GMT
content-type: text/html; charset=utf-8
content-length: 912
set-cookie: __cfduid=df31e84c44778152cf701c90a4f2fb9a01605273948; expires=Sun, 13-Dec-20 13:25:48 GMT; path=/; domain=.preproduction.login.brenntag.com; HttpOnly; SameSite=Lax; Secure did=s%3Av0%3Abe4c57a0-25b3-11eb-9c6c-e7b831851574.oTIGxxozaqtnjxx6teAJU4EWrkX4m2TJltpdfQDv1TI; Max-Age=31557600; Path=/; Expires=Sat, 13 Nov 2021 19:25:48 GMT; HttpOnly; Secure; SameSite=None auth0=s%3AJsUoHWQiV540bT1SWfR_UhITTPJgpLOQ.EI%2FOTkKPwPfeZMGLL9w1Seuu4fjjFTAMy6NQHpW4Uuw; Path=/; Expires=Mon, 16 Nov 2020 13:25:48 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3Abe4c57a0-25b3-11eb-9c6c-e7b831851574.oTIGxxozaqtnjxx6teAJU4EWrkX4m2TJltpdfQDv1TI; Max-Age=31557600; Path=/; Expires=Sat, 13 Nov 2021 19:25:48 GMT; HttpOnly; Secure auth0_compat=s%3AJsUoHWQiV540bT1SWfR_UhITTPJgpLOQ.EI%2FOTkKPwPfeZMGLL9w1Seuu4fjjFTAMy6NQHpW4Uuw; Path=/; Expires=Mon, 16 Nov 2020 13:25:48 GMT; HttpOnly; Secure __cf_bm=7c71c401a2257117e036f05523cbea146386febf-1605273948-1800-AcsNKhsgiQLivUY7uyCVu3PGfdpPXP9Bqza29ZwaMM2IhIib4oD2jSu1+G6XVxunx/LZrqKua6RjV+l20WPqhgA=; path=/; expires=Fri, 13-Nov-20 13:55:48 GMT; domain=.preproduction.login.brenntag.com; HttpOnly; Secure; SameSite=None
location: /login?state=g6Fo2SBGUmpxSXhlbmk1NklPcnBHZDd2ZlN3c2phNEtmMGdnWKN0aWTZIDI2NUM3UmJ2Q2M3Unk1d1NnOHBBMGoybGpVbWMwOFp4o2NpZNkgZWdwV2F6UHNFekhUN3lqSU11UWFzRTQzSkEwa0hBclg&client=egpWazPsEzHT7yjIMuQasE43JA0kHArX&protocol=oauth2&prompt=login&redirect_uri=https%3A%2F%2Fauth.preprod.apps.digib.it%2Fredirect&app_id=unknown&response_type=code&nonce=6abf421ff8b6de7aae65fa62f10ae727&scope=openid%20email%20profile
cf-ray: 5f18d222a9fbd6fd-FRA
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
strict-transport-security: max-age=31536000
vary: Accept, Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 066361a9ab0000d6fd122aa000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ot-baggage-auth0-request-id: 5f18d222a9fbd6fd
ot-tracer-sampled: true
ot-tracer-spanid: 576f8910028dac09
ot-tracer-traceid: 7fcf450f599a3370
x-auth0-requestid: d8eec6fd8025991f0c9a
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1605273949
server: cloudflare

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/5.21.1/ 57 KB
18 KB 20ms
6ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/5.21.1/bundle.min.js

Requested by

Host: preproduction.login.brenntag.com
URL: https://preproduction.login.brenntag.com/login?state=g6Fo2SBGUmpxSXhlbmk1NklPcnBHZDd2ZlN3c2phNEtmMGdnWKN0aWTZIDI2NUM3UmJ2Q2M3Unk1d1NnOHBBMGoybGpVbWMwOFp4o2NpZNkgZWdwV2F6UHNFekhUN3lqSU11UWFzRTQzSkEwa0hBclg&client=egpWazPsEzHT7yjIMuQasE43JA0kHArX&protocol=oauth2&prompt=login&redirect_uri=https%3A%2F%2Fauth.preprod.apps.digib.it%2Fredirect&app_id=unknown&response_type=code&nonce=6abf421ff8b6de7aae65fa62f10ae727&scope=openid%20email%20profile

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::729 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3fe76ab95a7f99b6692c054f11b44e3fbfab6345eeca5c73b64b19d1be4a02cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://preproduction.login.brenntag.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 13:25:48 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 20:00:19 GMT
server: Fastly
age: 8008158
etag: "890d523c002ada4fe751bd69032dc2ad"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17769
expires: Thu, 12 Aug 2021 20:56:29 GMT

GET
H2 200 auth0.min.js Show response
cdn.auth0.com/js/auth0/9.11/ 138 KB
37 KB 165ms
58ms Script
application/javascript 52.84.195.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.auth0.com/js/auth0/9.11/auth0.min.js
Requested by: Host: preproduction.login.brenntag.com
URL: https://preproduction.login.brenntag.com/login?state=g6Fo2SBGUmpxSXhlbmk1NklPcnBHZDd2ZlN3c2phNEtmMGdnWKN0aWTZIDI2NUM3UmJ2Q2M3Unk1d1NnOHBBMGoybGpVbWMwOFp4o2NpZNkgZWdwV2F6UHNFekhUN3lqSU11UWFzRTQzSkEwa0hBclg&client=egpWazPsEzHT7yjIMuQasE43JA0kHArX&protocol=oauth2&prompt=login&redirect_uri=https%3A%2F%2Fauth.preprod.apps.digib.it%2Fredirect&app_id=unknown&response_type=code&nonce=6abf421ff8b6de7aae65fa62f10ae727&scope=openid%20email%20profile
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.195.60 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ae5aed8aab32ad79a23003eee65fec603ddbeed83b296ba4735ff840e12b005

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 11:59:39 GMT
content-encoding: gzip
age: 5170
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
last-modified: Mon, 05 Aug 2019 03:28:22 GMT
server: AmazonS3
etag: W/"8aaeb19bcc97ce84037e05d32a8214b1"
vary: Accept-Encoding
x-amz-version-id: aSext1FIqk1MhYvH8ktwHiqmr.lxzw4N
via: 1.1 dfc3a7bfbc818f103aa0634d79f28907.cloudfront.net (CloudFront)
cache-control: max-age=10800,public
x-amz-cf-pop: WAW50-C1
content-type: application/javascript
x-amz-cf-id: _0SUcOQ176lIrREae4-RrX52Nfko4C63m7gWyIvMZNqa9848CUgnsg==

GET
H2 200 widget.js Show response
wchat.freshchat.com/js/ 43 KB
13 KB 357ms
169ms Script
application/javascript 3.94.39.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/js/widget.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.39.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-39-221.compute-1.amazonaws.com

Software

nginx /

Resource Hash

1891fccf90141bbbc492d1ad9cf7b7c723cc879bca917ef3d87afac74010efa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 13:25:49 GMT
served-by: 1862
last-modified: Thu, 12 Nov 2020 09:18:50 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
status: 200
cache-control: no-cache, no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 1862
content-encoding: gzip
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 heap-2296812124.js Show response
cdn.heapanalytics.com/js/ 96 KB
38 KB 364ms
311ms Script
application/javascript 143.204.215.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heapanalytics.com/js/heap-2296812124.js
Requested by: Host: preproduction.login.brenntag.com
URL: https://preproduction.login.brenntag.com/login?state=g6Fo2SBGUmpxSXhlbmk1NklPcnBHZDd2ZlN3c2phNEtmMGdnWKN0aWTZIDI2NUM3UmJ2Q2M3Unk1d1NnOHBBMGoybGpVbWMwOFp4o2NpZNkgZWdwV2F6UHNFekhUN3lqSU11UWFzRTQzSkEwa0hBclg&client=egpWazPsEzHT7yjIMuQasE43JA0kHArX&protocol=oauth2&prompt=login&redirect_uri=https%3A%2F%2Fauth.preprod.apps.digib.it%2Fredirect&app_id=unknown&response_type=code&nonce=6abf421ff8b6de7aae65fa62f10ae727&scope=openid%20email%20profile
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-29.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: f8a2d7dd9e9fc4d81b5e59315feee5a3b4f8b5202eb51acb9d679c5c216817cf

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 13:25:49 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA53-C1
etag: W/"17f10-Ll4EZz3CTxSPhLKg0WR2fg"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=120
x-amz-cf-id: -L2etGY3VYsaFazC0IoVvGQNZ0pJsGhZqqL1YbHJggNCIXZEG2quXw==
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)

GET
H2 200 /
wchat.freshchat.com/widget/ Frame CF39 0
0 93ms
93ms Document
text/html 3.94.39.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/?token=26dd9639-4e4c-4a8b-bbee-7fe46386a131&referrer=aHR0cHM6Ly9wcmVwcm9kdWN0aW9uLmxvZ2luLmJyZW5udGFnLmNvbQ==

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.39.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-39-221.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: wchat.freshchat.com
:scheme: https
:path: /widget/?token=26dd9639-4e4c-4a8b-bbee-7fe46386a131&referrer=aHR0cHM6Ly9wcmVwcm9kdWN0aW9uLmxvZ2luLmJyZW5udGFnLmNvbQ==
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 13 Nov 2020 13:25:49 GMT
content-type: text/html
server: nginx
last-modified: Thu, 12 Nov 2020 09:18:50 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
served-by: 1862
x-server: 1862
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding: gzip

GET
H2 200 widget.css
wchat.freshchat.com/css/ 7 KB
2 KB 93ms
93ms Stylesheet
text/css 3.94.39.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/css/widget.css?t=1605273949534

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.39.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-39-221.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3bcad3bc2c248f68ea5e15f27ca91c07f8dbd26a2d1cba16afd2675369a4a7f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 13:25:49 GMT
served-by: 3786
last-modified: Thu, 12 Nov 2020 09:18:50 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
status: 200
cache-control: max-age=31536000, no-cache, no-store, must-revalidate, pre-check=0, post-check=0, public
x-server: 3786
content-encoding: gzip
x-xss-protection: 1; mode=block
expires: Sat, 13 Nov 2021 13:25:49 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
213 B 281ms
95ms Image
image/gif 34.193.191.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heapanalytics.com/h?a=2296812124&u=8358851589720478&v=4475557128904624&s=7014926849115288&b=web&tv=4.0&z=0&g=%23%2F&h=%2Flogin&q=%3Fstate%3Dg6Fo2SBGUmpxSXhlbmk1NklPcnBHZDd2ZlN3c2phNEtmMGdnWKN0aWTZIDI2NUM3UmJ2Q2M3Unk1d1NnOHBBMGoybGpVbWMwOFp4o2NpZNkgZWdwV2F6UHNFekhUN3lqSU11UWFzRTQzSkEwa0hBclg%26client%3DegpWazPsEzHT7yjIMuQasE43JA0kHArX%26protocol%3Doauth2%26prompt%3Dlogin%26redirect_uri%3Dhttps%253A%252F%252Fauth.preprod.apps.digib.it%252Fredirect%26app_id%3Dunknown%26response_type%3Dcode%26nonce%3D6abf421ff8b6de7aae65fa62f10ae727%26scope%3Dopenid%2520email%2520profile&d=preproduction.login.brenntag.com&t=Login%20%7C%20Brenntag%20Connect&ts=1605273949655&st=1605273949664
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.191.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Nov 2020 13:25:49 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 co-browsing.js Show response
wchat.freshchat.com/js/ 35 KB
10 KB 95ms
94ms Script
application/javascript 3.94.39.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/js/co-browsing.js

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.39.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-39-221.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7a6ccb97a719929549720c4f8715e92485bf46647dee5791e47b9561d489403d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 13:25:50 GMT
served-by: 2068
last-modified: Thu, 12 Nov 2020 09:18:50 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
status: 200
cache-control: no-cache, no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 2068
content-encoding: gzip
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 cb.css
wchat.freshchat.com/css/ 1 KB
980 B 92ms
92ms Stylesheet
text/css 3.94.39.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/css/cb.css?t=1605273950368

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/co-browsing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.39.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-39-221.compute-1.amazonaws.com

Software

nginx /

Resource Hash

496f4ec180b45c31ce6fef39717ddf39efb84ce4253b3bebb43841521b8b654a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 13:25:50 GMT
served-by: 2068
last-modified: Thu, 12 Nov 2020 09:18:50 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
status: 200
cache-control: max-age=31536000, no-cache, no-store, must-revalidate, pre-check=0, post-check=0, public
x-server: 2068
content-encoding: gzip
x-xss-protection: 1; mode=block
expires: Sat, 13 Nov 2021 13:25:50 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.preproduction.login.brenntag.com/	1970-01-19 13:54:35	Name: __cf_bm Value: 31f3a8b6b31168edd172af6ed27d42850b9ca15a-1605273948-1800-AVz3JGB3ipJ/64vnwaOJhr4+QHcMR/rVY58gWLHrjqj5SRBPLgMclNn0V2910CsCt2kYOl3pPouq6obe0oRD35Q=
preproduction.login.brenntag.com/	1970-01-19 13:58:53	Name: auth0_compat Value: s%3AJsUoHWQiV540bT1SWfR_UhITTPJgpLOQ.EI%2FOTkKPwPfeZMGLL9w1Seuu4fjjFTAMy6NQHpW4Uuw
preproduction.login.brenntag.com/	1970-01-19 13:58:53	Name: auth0 Value: s%3AJsUoHWQiV540bT1SWfR_UhITTPJgpLOQ.EI%2FOTkKPwPfeZMGLL9w1Seuu4fjjFTAMy6NQHpW4Uuw
preproduction.login.brenntag.com/	1970-01-19 22:40:31	Name: did_compat Value: s%3Av0%3Abe4c57a0-25b3-11eb-9c6c-e7b831851574.oTIGxxozaqtnjxx6teAJU4EWrkX4m2TJltpdfQDv1TI
preproduction.login.brenntag.com/	1970-01-19 22:40:31	Name: did Value: s%3Av0%3Abe4c57a0-25b3-11eb-9c6c-e7b831851574.oTIGxxozaqtnjxx6teAJU4EWrkX4m2TJltpdfQDv1TI
.preproduction.login.brenntag.com/	1970-01-19 14:37:45	Name: __cfduid Value: df31e84c44778152cf701c90a4f2fb9a01605273948

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.preprod.apps.digib.it
browser.sentry-cdn.com
cdn.auth0.com
cdn.heapanalytics.com
heapanalytics.com
preproduction.login.brenntag.com
wchat.freshchat.com
143.204.215.29
2606:4700::6810:605e
2a04:4e42:200::729
3.94.39.221
34.193.191.102
35.204.80.51
52.84.195.60
1891fccf90141bbbc492d1ad9cf7b7c723cc879bca917ef3d87afac74010efa3
2ae5aed8aab32ad79a23003eee65fec603ddbeed83b296ba4735ff840e12b005
3bcad3bc2c248f68ea5e15f27ca91c07f8dbd26a2d1cba16afd2675369a4a7f9
3fe76ab95a7f99b6692c054f11b44e3fbfab6345eeca5c73b64b19d1be4a02cb
496f4ec180b45c31ce6fef39717ddf39efb84ce4253b3bebb43841521b8b654a
7a6ccb97a719929549720c4f8715e92485bf46647dee5791e47b9561d489403d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
dff5f154326e03420c5605401669da135d895aafed6e19f9bebcd684249a7b3a
f8a2d7dd9e9fc4d81b5e59315feee5a3b4f8b5202eb51acb9d679c5c216817cf

preproduction.login.brenntag.com Open in urlscan Pro 2606:4700::6810:605e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

29 %IPv6

6 Domains

7 Subdomains

6 IPs

2 Countries

223 kBTransfer

670 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

6 Cookies

Security Headers

Indicators

preproduction.login.brenntag.com Open in urlscan Pro
2606:4700::6810:605e Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

29 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

223 kB
Transfer

670 kB
Size

6
Cookies

10 HTTP transactions
0 data transactions