urlscan.io logo urlscan.io
SecurityTrails logo

www.intersport.fr Open in urlscan Pro
185.4.46.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://up.d1xmail.com/lnk/292544163/4d23f104016778fa3eeb15a8d5b8f4613cfcbdc6/aHR0cHM6Ly93d3cuaW50ZXJzcG9ydC5mci9kcml2Z...
Effective URL: https://www.intersport.fr/drive/?utm_source=crm&utm_medium=email&utm_content=encart_principal&utm_campaign=COVID_OUVERTURE...
Submission: On May 06 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 3 HTTP transactions. The main IP is 185.4.46.3, located in France and belongs to NBS, FR. The main domain is www.intersport.fr.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on January 21st 2020. Valid for: 2 years.
This is the only time www.intersport.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 185.4.46.3 51335 (NBS)
1 52.222.190.40 16509 (AMAZON-02)
1 195.154.45.172 12876 (Online SAS)
3 3
Domain Requested by
1 geo.captcha-delivery.com ct.captcha-delivery.com
1 ct.captcha-delivery.com www.intersport.fr
1 www.intersport.fr
1 up.d1xmail.com 1 redirects
3 4

This site contains no links.

Subject Issuer Validity Valid
www.intersport.fr
GeoTrust EV RSA CA 2018		 2020-01-21 -
2022-04-21		 2 years crt.sh
*.captcha-delivery.com
Amazon		 2019-12-23 -
2021-01-23		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.intersport.fr/drive/?utm_source=crm&utm_medium=email&utm_content=encart_principal&utm_campaign=COVID_OUVERTURE_DRIVE
Frame ID: 41A3022B0C43836D713661470146FE14
Requests: 2 HTTP requests in this frame

Frame: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAAbKjJ21yQc0AUmYTiA%3D%3D&hash=DAC3C78927BBAD93C32DBE520B522B&cid=Pm7cr4AKJXK8JHcje.XW8cfhJVCEywFfp8KdKLRgD6~9EoPw9aFp8WKhJeD7mEAcoZnKD3RqNKmnZA7xyi00LcImVZM2LGROClf3TcKojX&t=fe
Frame ID: 35B157ABD5AF9087F88A6F06A3A60E51
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://up.d1xmail.com/lnk/292544163/4d23f104016778fa3eeb15a8d5b8f4613cfcbdc6/aHR0cHM6Ly93d3cuaW50Z... HTTP 302
    https://www.intersport.fr/drive/?utm_source=crm&utm_medium=email&utm_content=encart_principal&utm_camp... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Page Statistics

3
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

3 kB
Transfer

2 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://up.d1xmail.com/lnk/292544163/4d23f104016778fa3eeb15a8d5b8f4613cfcbdc6/aHR0cHM6Ly93d3cuaW50ZXJzcG9ydC5mci9kcml2ZS8_dXRtX3NvdXJjZT1jcm0mdXRtX21lZGl1bT1lbWFpbCZ1dG1fY29udGVudD1lbmNhcnRfcHJpbmNpcGFsJnV0bV9jYW1wYWlnbj1DT1ZJRF9PVVZFUlRVUkVfRFJJVkU HTTP 302
    https://www.intersport.fr/drive/?utm_source=crm&utm_medium=email&utm_content=encart_principal&utm_campaign=COVID_OUVERTURE_DRIVE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.intersport.fr/drive/
Redirect Chain
  • https://up.d1xmail.com/lnk/292544163/4d23f104016778fa3eeb15a8d5b8f4613cfcbdc6/aHR0cHM6Ly93d3cuaW50ZXJzcG9ydC5mci9kcml2ZS8_dXRtX3NvdXJjZT1jcm0mdXRtX21lZGl1bT1lbWFpbCZ1dG1fY29udGVudD1lbmNhcnRfcHJpbmN...
  • https://www.intersport.fr/drive/?utm_source=crm&utm_medium=email&utm_content=encart_principal&utm_campaign=COVID_OUVERTURE_DRIVE
533 B
809 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.intersport.fr/drive/?utm_source=crm&utm_medium=email&utm_content=encart_principal&utm_campaign=COVID_OUVERTURE_DRIVE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.4.46.3 , France, ASN51335 (NBS, FR),
Reverse DNS
h3-46-4-185.rev.hosting.nbs-system.com
Software
nginx /
Resource Hash
d414802d32a6a30229cc434102e176f803a4303749437ab5a271e3b75b9ba564

Request headers

:method
GET
:authority
www.intersport.fr
:scheme
https
:path
/drive/?utm_source=crm&utm_medium=email&utm_content=encart_principal&utm_campaign=COVID_OUVERTURE_DRIVE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
403
server
nginx
date
Wed, 06 May 2020 23:09:14 GMT
content-type
text/html;charset=utf-8
x-varnish
142828281
age
0
via
1.1 varnish-v4
x-datadome
protected
charset
utf-8
cache-control
max-age=0, private, no-cache, no-store, must-revalidate
pragma
no-cache
x-datadome-cid
AHrlqAAAAAMAAbKjJ21yQc0AUmYTiA==
set-cookie
datadome=Pm7cr4AKJXK8JHcje.XW8cfhJVCEywFfp8KdKLRgD6~9EoPw9aFp8WKhJeD7mEAcoZnKD3RqNKmnZA7xyi00LcImVZM2LGROClf3TcKojX; Max-Age=31536000; Domain=.intersport.fr; Path=/; SameSite=Lax
x-nbs
1
content-encoding
gzip

Redirect headers

status
302
date
Wed, 06 May 2020 23:09:14 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dce279a107b77a84eff183896f00b84c71588806554; expires=Fri, 05-Jun-20 23:09:14 GMT; path=/; domain=.d1xmail.com; HttpOnly; SameSite=Lax; Secure
cache-control
no-cache, private
location
https://www.intersport.fr/drive/?utm_source=crm&utm_medium=email&utm_content=encart_principal&utm_campaign=COVID_OUVERTURE_DRIVE
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
58f65e234f7697f0-FRA
cf-request-id
028dd92a0a000097f05aa87200000001
c.js
ct.captcha-delivery.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.captcha-delivery.com/c.js
Requested by
Host: www.intersport.fr
URL: https://www.intersport.fr/drive/?utm_source=crm&utm_medium=email&utm_content=encart_principal&utm_campaign=COVID_OUVERTURE_DRIVE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.40 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-40.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c1a4bf4448e5875ee9c71e58161e9ce7f7daf36c0e080cdbaa6222e6262bea4

Request headers

Referer
https://www.intersport.fr/drive/?utm_source=crm&utm_medium=email&utm_content=encart_principal&utm_campaign=COVID_OUVERTURE_DRIVE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 06 May 2020 16:37:24 GMT
via
1.1 2e44a3b2c1d0f478404fb20d9971a779.cloudfront.net (CloudFront)
last-modified
Wed, 18 Mar 2020 13:44:56 GMT
server
AmazonS3
age
23511
etag
"b669e9c7ee89ace26479d9dbe48cf850"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-length
1693
x-amz-cf-id
8P8GeOalway08YxW3jheKPWwVQ9GhZUkew7BSAzsFN8sEp3LscN4fw==
/
geo.captcha-delivery.com/captcha/ Frame 35B1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAAbKjJ21yQc0AUmYTiA%3D%3D&hash=DAC3C78927BBAD93C32DBE520B522B&cid=Pm7cr4AKJXK8JHcje.XW8cfhJVCEywFfp8KdKLRgD6~9EoPw9aFp8WKhJeD7mEAcoZnKD3RqNKmnZA7xyi00LcImVZM2LGROClf3TcKojX&t=fe
Requested by
Host: ct.captcha-delivery.com
URL: https://ct.captcha-delivery.com/c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.154.45.172 Besançon, France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-45-172.rev.poneytelecom.eu
Software
/
Resource Hash

Request headers

Host
geo.captcha-delivery.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.intersport.fr/drive/?utm_source=crm&utm_medium=email&utm_content=encart_principal&utm_campaign=COVID_OUVERTURE_DRIVE
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.intersport.fr/drive/?utm_source=crm&utm_medium=email&utm_content=encart_principal&utm_campaign=COVID_OUVERTURE_DRIVE

Response headers

Date
Wed, 06 May 2020 23:09:14 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html;charset=utf-8
Content-Length
24496

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dd

4 Cookies

Domain/Path Name / Value
.captcha-delivery.com/ Name: _gid
Value: GA1.2.364251641.1588806555
.captcha-delivery.com/ Name: _gat
Value: 1
.captcha-delivery.com/ Name: _ga
Value: GA1.2.1975293695.1588806555
.intersport.fr/ Name: datadome
Value: Pm7cr4AKJXK8JHcje.XW8cfhJVCEywFfp8KdKLRgD6~9EoPw9aFp8WKhJeD7mEAcoZnKD3RqNKmnZA7xyi00LcImVZM2LGROClf3TcKojX

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ct.captcha-delivery.com
geo.captcha-delivery.com
up.d1xmail.com
www.intersport.fr
185.4.46.3
195.154.45.172
2606:4700:3035::681f:46d3
52.222.190.40
3c1a4bf4448e5875ee9c71e58161e9ce7f7daf36c0e080cdbaa6222e6262bea4
d414802d32a6a30229cc434102e176f803a4303749437ab5a271e3b75b9ba564