605da716ea7651a6b359c9f8.trk.mailchef.4dem.it
34.147.46.37
Public Scan
Effective URL: https://605da716ea7651a6b359c9f8.trk.mailchef.4dem.it/wbs1.php?p=8atc%2F7n6s%2Frs%2F1nz0%2F200l%2Frs%2Frs&utm_source=4Dem&utm_medium=Email-Marketing-4...
Submission Tags: phishing malicious
Submission: On September 13 via api from NL — Scanned from IT
Summary
TLS certificate: Issued by R3 on August 19th 2023. Valid for: 3 months.
This is the only time 605da716ea7651a6b359c9f8.trk.mailchef.4dem.it was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | | IP Address | AS Autonomous System |
---|---|---|---|
1 | 4 | 34.147.46.37 | 396982 (GOOGLE-CLOUD-PLATFORM) |
3 | 1 | | |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 37.46.147.34.bc.googleusercontent.com
605da716ea7651a6b359c9f8.trk.mailchef.4dem.it
cdn.4img.it
 | Apex Domain / Subdomains | Transfer |
---|---|---|
2 | 4img.it: cdn.4img.it | 67 KB |
2 | 4dem.it (1 redirects): 605da716ea7651a6b359c9f8.trk.mailchef.4dem.it | 4 KB |
3 | 2 | |
 | Domain | Requested by |
---|---|---|
2 | cdn.4img.it | 605da716ea7651a6b359c9f8.trk.mailchef.4dem.it |
2 | 605da716ea7651a6b359c9f8.trk.mailchef.4dem.it | 1 redirects |
3 | 2 | |
This site contains links to these domains.
Domain |
---|
www.uil.it |
youtu.be |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.trk.mailchef.4dem.it | R3 | 2023-08-19 - 2023-11-17 | 3 months |
*.4img.it | R3 | 2023-07-20 - 2023-10-18 | 3 months |
This page contains 1 frames:
Primary Page:
https://605da716ea7651a6b359c9f8.trk.mailchef.4dem.it/wbs1.php?p=8atc%2F7n6s%2Frs%2F1nz0%2F200l%2Frs%2Frs&utm_source=4Dem&utm_medium=Email-Marketing-4Dem&utm_campaign=FREEBACK&utm_content=Subscriber%2376724
Frame ID: 7B5DA410FF50F1E80751375A91B193CA
Requests: 3 HTTP requests in this frame
Page Title
La UIL ti dà il benvenuto nel circuito FREEBACK.
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Guarda il VIDEO
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://605da716ea7651a6b359c9f8.trk.mailchef.4dem.it/ttn.php?p=b3643401f830b1960ed3c88497a31d31/8atc/7n6s/rs/1nz0/200l/rs/rs/rs//https://605da716ea7651a6b359c9f8.trk.mailchef.4dem.it/wbs1.php?p=8atc/7n6s/rs/1nz0/200l/rs/rs (HTTP 302)
- https://605da716ea7651a6b359c9f8.trk.mailchef.4dem.it/wbs1.php?p=8atc%2F7n6s%2Frs%2F1nz0%2F200l%2Frs%2Frs&utm_source=4Dem&utm_medium=Email-Marketing-4Dem&utm_campaign=FREEBACK&utm_content=Subscriber%2376724 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
3 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | wbs1.php (Primary Request, Redirect Chain) | 605da716ea7651a6b359c9f8.trk.mailchef.4dem.it/ | 16 KB | 4 KB | Document | text/html |
GET | H2 | logo_UILconvenzioni_New.png | cdn.4img.it/605da716ea7651a6b359c9f8-17cbbae9-30d1-4406-ac71-5be643259f0d/ | 37 KB | 37 KB | Image | image/png |
GET | H2 | FreeBack2.jpg | cdn.4img.it/605da716ea7651a6b359c9f8-e603b302-3b07-47d6-be01-142a6f282540/ | 30 KB | 30 KB | Image | image/jpeg |
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object | documentPictureInPicture
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
605da716ea7651a6b359c9f8.trk.mailchef.4dem.it/ | | Name: PHPSESSID Value: g25u28maq6893t65vf5nqok2q5 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.