win.carrefour.eu - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 6 HTTP transactions. The main IP is 2606:4700::6811:7912, located in United States and belongs to CLOUDFLARENET, US. The main domain is win.carrefour.eu.
TLS certificate: Issued by GTS CA 1P5 on June 20th 2023. Valid for: 3 months.

This is the only time win.carrefour.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700::68... 2606:4700::6811:7912	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6811:fceb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2

1 2606:4700::6811:7912 (United States)

ASN13335 (CLOUDFLARENET, US)

win.carrefour.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:fceb (United States)

ASN13335 (CLOUDFLARENET, US)

touch-agency.emsecure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	emsecure.net touch-agency.emsecure.net	115 KB
1	carrefour.eu win.carrefour.eu	3 KB
6	2

	Domain	Requested by
5	touch-agency.emsecure.net	win.carrefour.eu
1	win.carrefour.eu
6	2

This site contains no links.

Subject Issuer	Validity	Valid
win.carrefour.eu GTS CA 1P5	`2023-06-20` - `2023-09-18`	3 months	crt.sh
*.emsecure.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-05-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://win.carrefour.eu/optiext/optiextension.dll?ID=Mf2MPBHQX8iG4X8hYdkYuwdZiKk4C7_8RJZpDJr_v4ZYMbg3tYyT4Vr+cR7hqvRQK15V9j7R6cR85GUnImqFDkAEwhMMMZ
Frame ID: 9342B1090004A854858B21DBA5917C34
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bonus Challenge

Page Statistics

6
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

118 kB
Transfer

125 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request optiextension.dll Show response
win.carrefour.eu/optiext/ 11 KB
3 KB 267ms
176ms Document
text/html 2606:4700::6811:7912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://win.carrefour.eu/optiext/optiextension.dll?ID=Mf2MPBHQX8iG4X8hYdkYuwdZiKk4C7_8RJZpDJr_v4ZYMbg3tYyT4Vr+cR7hqvRQK15V9j7R6cR85GUnImqFDkAEwhMMMZ

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7912 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8df2c8e199e9b3357a763c6594634074a650e6ba864a84b03025af513bf13e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7ef98c700c1d4d7a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 31 Jul 2023 23:16:21 GMT
referrer-policy: strict-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubdomains
x-xss-protection: 1; mode=block

GET
H2 200 mail_nl.jpg
touch-agency.emsecure.net/images/Bonusland/recrutement/2023/20230724_bonsuchallenge/ 95 KB
95 KB 128ms
79ms Image
image/jpeg 2606:4700::6811:fceb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://touch-agency.emsecure.net/images/Bonusland/recrutement/2023/20230724_bonsuchallenge/mail_nl.jpg

Requested by

Host: win.carrefour.eu
URL: https://win.carrefour.eu/optiext/optiextension.dll?ID=Mf2MPBHQX8iG4X8hYdkYuwdZiKk4C7_8RJZpDJr_v4ZYMbg3tYyT4Vr+cR7hqvRQK15V9j7R6cR85GUnImqFDkAEwhMMMZ

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:fceb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0496df0e1a651f08385225c1da306aaa68c1b82b415d48ae55348d0680ad3556

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.carrefour.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 23:16:21 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: REVALIDATED
cf-polished: origSize=104559
content-length: 97334
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
last-modified: Mon, 24 Jul 2023 15:39:43 GMT
server: cloudflare
etag: "76a7b1145bed91:0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 7ef98c71788191d1-FRA
expires: Mon, 31 Jul 2023 23:46:21 GMT

GET
H2 200 cta1_nl.png
touch-agency.emsecure.net/images/Bonusland/recrutement/2022/20220720/ 3 KB
3 KB 136ms
87ms Image
image/png 2606:4700::6811:fceb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://touch-agency.emsecure.net/images/Bonusland/recrutement/2022/20220720/cta1_nl.png

Requested by

Host: win.carrefour.eu
URL: https://win.carrefour.eu/optiext/optiextension.dll?ID=Mf2MPBHQX8iG4X8hYdkYuwdZiKk4C7_8RJZpDJr_v4ZYMbg3tYyT4Vr+cR7hqvRQK15V9j7R6cR85GUnImqFDkAEwhMMMZ

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:fceb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

764a66a92908d4489e7d57f0c54475e907dc16102d43ace541f349f1ed875fc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.carrefour.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 23:16:21 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: REVALIDATED
cf-polished: origSize=4064
content-length: 2687
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
last-modified: Wed, 20 Jul 2022 07:47:42 GMT
server: cloudflare
etag: "fc24fefdc9cd81:0"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 7ef98c71788291d1-FRA
expires: Mon, 31 Jul 2023 23:46:21 GMT

GET
H2 200 img1.png
touch-agency.emsecure.net/images/Bonusland/recrutement/2022/20220720/ 5 KB
5 KB 119ms
70ms Image
image/png 2606:4700::6811:fceb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://touch-agency.emsecure.net/images/Bonusland/recrutement/2022/20220720/img1.png

Requested by

Host: win.carrefour.eu
URL: https://win.carrefour.eu/optiext/optiextension.dll?ID=Mf2MPBHQX8iG4X8hYdkYuwdZiKk4C7_8RJZpDJr_v4ZYMbg3tYyT4Vr+cR7hqvRQK15V9j7R6cR85GUnImqFDkAEwhMMMZ

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:fceb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7308a12f5a8d8479dc17ee898656b938436e0d5c65da71e082c7348b379d496

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.carrefour.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 23:16:21 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: REVALIDATED
cf-polished: origSize=7814
content-length: 4853
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
last-modified: Wed, 20 Jul 2022 07:46:37 GMT
server: cloudflare
etag: "14f3a2d7c9cd81:0"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 7ef98c71788391d1-FRA
expires: Mon, 31 Jul 2023 23:46:21 GMT

GET
H2 200 img2.png
touch-agency.emsecure.net/images/Bonusland/recrutement/2022/20220720/ 7 KB
7 KB 135ms
87ms Image
image/png 2606:4700::6811:fceb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://touch-agency.emsecure.net/images/Bonusland/recrutement/2022/20220720/img2.png

Requested by

Host: win.carrefour.eu
URL: https://win.carrefour.eu/optiext/optiextension.dll?ID=Mf2MPBHQX8iG4X8hYdkYuwdZiKk4C7_8RJZpDJr_v4ZYMbg3tYyT4Vr+cR7hqvRQK15V9j7R6cR85GUnImqFDkAEwhMMMZ

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:fceb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa03c82dda205bea24bf2b97694d216ce72acf0e9a87b5a5dc693713e83e5be1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.carrefour.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 23:16:21 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: REVALIDATED
cf-polished: origSize=11500
content-length: 7527
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
last-modified: Wed, 20 Jul 2022 07:46:37 GMT
server: cloudflare
etag: "b241acd7c9cd81:0"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 7ef98c71788491d1-FRA
expires: Mon, 31 Jul 2023 23:46:21 GMT

GET
H2 200 img3.png
touch-agency.emsecure.net/images/Bonusland/recrutement/2022/20220720/ 5 KB
5 KB 135ms
88ms Image
image/png 2606:4700::6811:fceb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://touch-agency.emsecure.net/images/Bonusland/recrutement/2022/20220720/img3.png

Requested by

Host: win.carrefour.eu
URL: https://win.carrefour.eu/optiext/optiextension.dll?ID=Mf2MPBHQX8iG4X8hYdkYuwdZiKk4C7_8RJZpDJr_v4ZYMbg3tYyT4Vr+cR7hqvRQK15V9j7R6cR85GUnImqFDkAEwhMMMZ

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:fceb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26caf917f10e913b6396bbf3e18486af27eccbd3153aceb41df1e426b51349d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.carrefour.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 23:16:21 GMT
strict-transport-security: max-age=31536000; includeSubdomains
cf-cache-status: REVALIDATED
cf-polished: origSize=7633
content-length: 4736
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
last-modified: Wed, 20 Jul 2022 07:46:37 GMT
server: cloudflare
etag: "7890b5d7c9cd81:0"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 7ef98c71788591d1-FRA
expires: Mon, 31 Jul 2023 23:46:21 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

touch-agency.emsecure.net
win.carrefour.eu
2606:4700::6811:7912
2606:4700::6811:fceb
0496df0e1a651f08385225c1da306aaa68c1b82b415d48ae55348d0680ad3556
26caf917f10e913b6396bbf3e18486af27eccbd3153aceb41df1e426b51349d7
764a66a92908d4489e7d57f0c54475e907dc16102d43ace541f349f1ed875fc7
8df2c8e199e9b3357a763c6594634074a650e6ba864a84b03025af513bf13e84
d7308a12f5a8d8479dc17ee898656b938436e0d5c65da71e082c7348b379d496
fa03c82dda205bea24bf2b97694d216ce72acf0e9a87b5a5dc693713e83e5be1

win.carrefour.eu Open in urlscan Pro 2606:4700::6811:7912 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

6 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

118 kBTransfer

125 kBSize

0 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

win.carrefour.eu Open in urlscan Pro
2606:4700::6811:7912 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

118 kB
Transfer

125 kB
Size

0
Cookies

6 HTTP transactions
0 data transactions