sfofbyvt-sword-intermarche-preprod.baleen.cshield.net Open in urlscan Pro
185.231.164.36 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/
Effective URL:
https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/
Submission: On October 14 via api (October 14th 2023, 3:07:40 pm UTC) from US — Scanned from FR

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 15 HTTP transactions. The main IP is 185.231.164.36, located in France and belongs to C-TECHNOLOGY, FR. The main domain is sfofbyvt-sword-intermarche-preprod.baleen.cshield.net.
TLS certificate: Issued by Trusted Secure Certificate Authority DV on March 29th 2023. Valid for: a year.

This is the only time sfofbyvt-sword-intermarche-preprod.baleen.cshield.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	185.231.164.36 185.231.164.36	44108 (C-TECHNOLOGY) (C-TECHNOLOGY)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	159.60.128.129 159.60.128.129	35280 (F5) (F5)
1 2	63.140.62.214 63.140.62.214	16509 (AMAZON-02) (AMAZON-02)
1	62.122.15.195 62.122.15.195	48744 (C-TECHNOLOGY) (C-TECHNOLOGY)
15	7

9 185.231.164.36 (France) 1 redirects

ASN44108 (C-TECHNOLOGY, FR)

sfofbyvt-sword-intermarche-preprod.baleen.cshield.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.60.128.129 (United States)

ASN35280 (F5, FR)

cdtm.preprod-cdiscount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.214 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-214.data.adobedc.net

smetrics.cdiscount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.122.15.195 (Bordeaux, France)

ASN48744 (C-TECHNOLOGY, FR)

tracking.cdiscount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	cshield.net 1 redirects sfofbyvt-sword-intermarche-preprod.baleen.cshield.net	76 KB
3	cdiscount.com 1 redirects smetrics.cdiscount.com — Cisco Umbrella Rank: 513804 tracking.cdiscount.com — Cisco Umbrella Rank: 526103	2 KB
1	preprod-cdiscount.com cdtm.preprod-cdiscount.com
1	gstatic.com fonts.gstatic.com	16 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49 Failed	745 B
15	5

	Domain	Requested by
9	sfofbyvt-sword-intermarche-preprod.baleen.cshield.net	1 redirects sfofbyvt-sword-intermarche-preprod.baleen.cshield.net
2	smetrics.cdiscount.com	1 redirects sfofbyvt-sword-intermarche-preprod.baleen.cshield.net
1	tracking.cdiscount.com	sfofbyvt-sword-intermarche-preprod.baleen.cshield.net
1	cdtm.preprod-cdiscount.com	sfofbyvt-sword-intermarche-preprod.baleen.cshield.net
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	sfofbyvt-sword-intermarche-preprod.baleen.cshield.net
15	6

This site contains no links.

Subject Issuer	Validity	Valid
*.staging-ads.peps.relevanc.io Trusted Secure Certificate Authority DV	`2023-03-29` - `2024-03-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.preprod-cdiscount.com Trusted Secure Certificate Authority DV	`2023-02-22` - `2024-02-22`	a year	crt.sh
*.cdiscount.com Trusted Secure Certificate Authority 5	`2023-02-20` - `2024-02-29`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/
Frame ID: F503150A9D2FCA4F232363024E3B79AC
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Baleen - Error Page9B720660-BC66-468F-8F46-DA5D9A35113E03456098-98F9-45E6-98EF-A95008604AB6

Page URL History Show full URLs

http://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/ HTTP 301
https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/ Page URL
https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15
Requests

27 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

7
IPs

3
Countries

94 kB
Transfer

100 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/ HTTP 301
https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/ Page URL
https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/ HTTP 301
https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/

Request Chain 12

https://smetrics.cdiscount.com/b/ss/Cdiscountcomprod/1/H.20.3--NS/0?pageName=Page%20Maintenance%20Baleen&c1=Cdiscount&c2=Erreur&c7=Erreur&c24=0&v93=PC&g=https%3A%2F%2Fsfofbyvt-sword-intermarche-preprod.baleen.cshield.net%2F HTTP 302
https://smetrics.cdiscount.com/b/ss/Cdiscountcomprod/1/H.20.3--NS/0?AQB=1&pccr=true&vidn=3295575BF299D537-6000063AE35969C9&pageName=Page%20Maintenance%20Baleen&c1=Cdiscount&c2=Erreur&c7=Erreur&c24=0&v93=PC&g=https%3A%2F%2Fsfofbyvt-sword-intermarche-preprod.baleen.cshield.net%2F&AQE=1

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/
Redirect Chain

http://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/
https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/

4 KB
2 KB

64ms
20ms

Document
text/html

185.231.164.36
C-TECHNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL

https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.231.164.36 , France, ASN44108 (C-TECHNOLOGY, FR),

Reverse DNS

Software

Resource Hash

1d878e124dee63e3bcd3a129ae3688f1c698e2e2fa6a0194bfd80e31768b8d0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Sat, 14 Oct 2023 15:07:35 GMT
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 166
Content-Type: text/html
Date: Sat, 14 Oct 2023 15:07:35 GMT
Location: https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/

GET css2
fonts.googleapis.com/ 0
0

GET
H2 200 style.css
sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/.well-known/baleen/challengejs/assets/ 3 KB
1 KB 20ms
20ms Stylesheet
text/css 185.231.164.36
C-TECHNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL

https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/.well-known/baleen/challengejs/assets/style.css

Requested by

Host: sfofbyvt-sword-intermarche-preprod.baleen.cshield.net
URL: https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.231.164.36 , France, ASN44108 (C-TECHNOLOGY, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:07:35 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
last-modified: Mon, 18 Sep 2023 15:11:47 GMT
content-encoding: gzip
etag: W/"650868b3-cf4"
x-frame-options: DENY
content-type: text/css
x-xss-protection: 1; mode=block

POST
H2 200 check
sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/.well-known/baleen/challengejs/ 0
237 B 20ms
19ms XHR
text/html 185.231.164.36
C-TECHNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL

https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/.well-known/baleen/challengejs/check?bln_challengejs=f5oCoqNNQeqaiBgnfnA7mNAGL-ZZ--4wEVxFnsHWnu0dfA0zFp0w5mT6mJrnSXMVMuURl5lHmbthcuRFtctnIHxG949RjBwdiB4JIH8Gt6D9Idf3kn9TtJJTjB1aa1v4X2Efvs5dtyj9gcStvOePqeOEodm-1iAoF_4uiOVPmqQ7EQfvxrlPyIRQzIZpHTdHqNCcdafBBSSK-kCHTNWEmBkinfwHbrQbtBpflJ-Y-c_1U-oWp0mxLPiCFPFGemvCNVsa4rvTtcO9H3oSgAo2HQ

Requested by

Host: sfofbyvt-sword-intermarche-preprod.baleen.cshield.net
URL: https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.231.164.36 , France, ASN44108 (C-TECHNOLOGY, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 14 Oct 2023 15:07:35 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
content-encoding: gzip
x-frame-options: DENY
content-type: text/html
cache-control: no-cache
x-xss-protection: 1; mode=block

GET
H2 503 Primary Request / Show response
sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/ 8 KB
8 KB 39ms
38ms Document
text/html 185.231.164.36
C-TECHNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL

https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/

Requested by

Host: sfofbyvt-sword-intermarche-preprod.baleen.cshield.net
URL: https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.231.164.36 , France, ASN44108 (C-TECHNOLOGY, FR),

Reverse DNS

Software

Resource Hash

87654435a1a2eb4f04b4214fd0417647cc81a3814a4fa1836d3742e8059f0ba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 0
content-length: 8295
content-type: text/html
date: Sat, 14 Oct 2023 15:07:35 GMT
etag: "64e4b50e-2067"
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=63072000
via: 1.1 varnish (Varnish/6.0)
x-content-type-options: nosniff
x-frame-options: DENY
x-varnish: 2431861
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
745 B 37ms
35ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@100;400&display=swap

Requested by

Host: sfofbyvt-sword-intermarche-preprod.baleen.cshield.net
URL: https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e285f25de0dfd7aee8a3dff4b01e0d17cf788fea0edd1d7f4a5a5ab73053d0fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 14 Oct 2023 15:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 14:16:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Oct 2023 15:07:35 GMT

GET
H2 200 style.css
sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/.well-known/baleen/error-pages-out/assets/ 1 KB
792 B 23ms
22ms Stylesheet
text/css 185.231.164.36
C-TECHNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL

https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/.well-known/baleen/error-pages-out/assets/style.css

Requested by

Host: sfofbyvt-sword-intermarche-preprod.baleen.cshield.net
URL: https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.231.164.36 , France, ASN44108 (C-TECHNOLOGY, FR),

Reverse DNS

Software

Resource Hash

0510c3c3e84ed0804bb03983cace2df58e650e1cdf554528f744a6351823f00b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-cache-ttl: 14400.000
date: Sat, 14 Oct 2023 15:07:35 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0)
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-cache-grace: 10.000
age: 4446
content-length: 415
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 22 Aug 2023 13:15:58 GMT
etag: W/"64e4b50e-404"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
x-varnish: 2431863 2461987
accept-ranges: bytes

GET
H2 200 wave.svg
sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/.well-known/baleen/error-pages-out/assets/ 6 KB
6 KB 24ms
23ms Image
image/svg+xml 185.231.164.36
C-TECHNOLOGY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/.well-known/baleen/error-pages-out/assets/wave.svg

Requested by

Host: sfofbyvt-sword-intermarche-preprod.baleen.cshield.net
URL: https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.231.164.36 , France, ASN44108 (C-TECHNOLOGY, FR),

Reverse DNS

Software

Resource Hash

5aae44b89fea9208c41feaaea4fd9aeb276b728321d38f9fe8c97461c8aa8135

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-cache-ttl: 14400.000
date: Sat, 14 Oct 2023 15:07:35 GMT
via: 1.1 varnish (Varnish/6.0)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
x-cache-grace: 10.000
age: 4446
content-length: 6272
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 22 Aug 2023 13:15:58 GMT
etag: "64e4b50e-1880"
x-frame-options: DENY
x-varnish: 2463292 2431153
content-type: image/svg+xml
accept-ranges: bytes

GET
H2 200 baleen_ok.svg
sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/.well-known/baleen/error-pages-out/assets/ 55 KB
55 KB 24ms
23ms Image
image/svg+xml 185.231.164.36
C-TECHNOLOGY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/.well-known/baleen/error-pages-out/assets/baleen_ok.svg

Requested by

Host: sfofbyvt-sword-intermarche-preprod.baleen.cshield.net
URL: https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.231.164.36 , France, ASN44108 (C-TECHNOLOGY, FR),

Reverse DNS

Software

Resource Hash

b1eefd9a882caaccef1d60995f125ca9801f79ac51ef6318f2b30fe039cb54d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-cache-ttl: 14400.000
date: Sat, 14 Oct 2023 15:07:35 GMT
via: 1.1 varnish (Varnish/6.0)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
x-cache-grace: 10.000
age: 4446
content-length: 55848
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 22 Aug 2023 13:15:58 GMT
etag: "64e4b50e-da28"
x-frame-options: DENY
x-varnish: 2315522 2394395
content-type: image/svg+xml
accept-ranges: bytes

GET
H2 200 tracking.js Show response
sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/.well-known/baleen/error-pages-out/scripts/ 3 KB
2 KB 21ms
20ms Script
application/javascript 185.231.164.36
C-TECHNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL

https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/.well-known/baleen/error-pages-out/scripts/tracking.js

Requested by

Host: sfofbyvt-sword-intermarche-preprod.baleen.cshield.net
URL: https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.231.164.36 , France, ASN44108 (C-TECHNOLOGY, FR),

Reverse DNS

Software

Resource Hash

7e4f4d828ef8706c1e4b305bc2d89b08f38fdb68741d8ead898585a83b816110

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/
Origin: https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-cache-ttl: 14400.000
date: Sat, 14 Oct 2023 15:07:35 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0)
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-cache-grace: 10.000
age: 4446
content-length: 1528
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 22 Aug 2023 13:15:58 GMT
etag: W/"64e4b50e-dd1"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
x-varnish: 2315523 2394397
accept-ranges: bytes

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 89ms
26ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 126043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Oct 2024 04:06:52 GMT

OPTIONS
H2 403 /
cdtm.preprod-cdiscount.com/ 0
0 128ms
23ms Preflight
text/html 159.60.128.129
F5

General

Check archive.org

Show headers Download Go to

Full URL: https://cdtm.preprod-cdiscount.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.60.128.129 , United States, ASN35280 (F5, FR),
Reverse DNS
Software: volt-adc /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-length: 7241
content-type: text/html; charset=UTF-8
date: Sat, 14 Oct 2023 15:07:35 GMT
server: volt-adc
x-volterra-location: pa2-par

POST /
cdtm.preprod-cdiscount.com/ 0
0

GET
H2

200

0
smetrics.cdiscount.com/b/ss/Cdiscountcomprod/1/H.20.3--NS/
Redirect Chain

https://smetrics.cdiscount.com/b/ss/Cdiscountcomprod/1/H.20.3--NS/0?pageName=Page%20Maintenance%20Baleen&c1=Cdiscount&c2=Erreur&c7=Erreur&c24=0&v93=PC&g=https%3A%2F%2Fsfofbyvt-sword-intermarche-pre...
https://smetrics.cdiscount.com/b/ss/Cdiscountcomprod/1/H.20.3--NS/0?AQB=1&pccr=true&vidn=3295575BF299D537-6000063AE35969C9&pageName=Page%20Maintenance%20Baleen&c1=Cdiscount&c2=Erreur&c7=Erreur&c24=...

43 B
251 B

25ms
25ms

Image
image/gif

63.140.62.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.cdiscount.com/b/ss/Cdiscountcomprod/1/H.20.3--NS/0?AQB=1&pccr=true&vidn=3295575BF299D537-6000063AE35969C9&pageName=Page%20Maintenance%20Baleen&c1=Cdiscount&c2=Erreur&c7=Erreur&c24=0&v93=PC&g=https%3A%2F%2Fsfofbyvt-sword-intermarche-preprod.baleen.cshield.net%2F&AQE=1

Requested by

Host: sfofbyvt-sword-intermarche-preprod.baleen.cshield.net
URL: https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/

Protocol

Server

63.140.62.214 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-214.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:07:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sun, 15 Oct 2023 15:07:35 GMT
server: jag
etag: 3644915525594578944-4617805044956686547
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 13 Oct 2023 15:07:35 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Oct 2023 15:07:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sun, 15 Oct 2023 15:07:35 GMT
server: jag
vary: Origin
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
location: https://smetrics.cdiscount.com/b/ss/Cdiscountcomprod/1/H.20.3--NS/0?AQB=1&pccr=true&vidn=3295575BF299D537-6000063AE35969C9&pageName=Page%20Maintenance%20Baleen&c1=Cdiscount&c2=Erreur&c7=Erreur&c24=0&v93=PC&g=https%3A%2F%2Fsfofbyvt-sword-intermarche-preprod.baleen.cshield.net%2F&AQE=1
content-type: text/plain;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 13 Oct 2023 15:07:35 GMT

GET
H/1.1 200
OK myImage.track
tracking.cdiscount.com/tracking/ 43 B
851 B 108ms
43ms Image
image/gif 62.122.15.195
C-TECHNOLOGY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.cdiscount.com/tracking/myImage.track?param=2KMk2vLvGYpQ8LRwRZmbX58Gh-tDM-29VmCf-emShQSMDqDitoteZkHMRzur1HFUBb1c7I-fI7hS63VT3im_N8CJ1MKV0AoAtUaIKsX4ICsFIcgJFJtGZZvV68NpTLM_u-8EP6ykWnLv8wZqBB9yDttB4ZDxE402z7ptSr7DzJ0Jyhsl1p2XMg&referrer=https%3A%2F%2Fsfofbyvt-sword-intermarche-preprod.baleen.cshield.net%2F
Requested by: Host: sfofbyvt-sword-intermarche-preprod.baleen.cshield.net
URL: https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.122.15.195 Bordeaux, France, ASN48744 (C-TECHNOLOGY, FR),
Reverse DNS
Software: /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 14 Oct 2023 15:07:35 GMT
access-control-allow-Methods: GET, POST, OPTIONS, DELETE, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.cdiscount.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, X-CDS-Context-SiteId
Content-Length: 43
Expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;400;500&display=swap

Domain: cdtm.preprod-cdiscount.com
URL: https://cdtm.preprod-cdiscount.com/

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.cshield.net/	1970-01-20 15:28:16	Name: bln_challengejs Value: f5oCoqNNQeqaiBgnfnA7mNAGL-ZZ--4wEVxFnsHWnu0dfA0zFp0w5mT6mJrnSXMVMuURl5lHmbthcuRFtctnIHxG949RjBwdiB4JIH8Gt6D9Idf3kn9TtJJTjB1aa1v4X2Efvs5dtyj9gcStvOePqeOEodm-1iAoF_4uiOVPmqQ7EQfvxrlPyIRQzIZpHTdHqNCcdafBBSSK-kCHTNWEmBkinfwHbrQbtBpflJ-Y-c_1U-oWp0mxLPiCFPFGemvCNVsa4rvTtcO9H3oSgAo2HQ

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/ Message: Failed to load resource: the server responded with a status of 503 ()
javascript	error	URL: https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net/ Message: Access to XMLHttpRequest at 'https://cdtm.preprod-cdiscount.com/' from origin 'https://sfofbyvt-sword-intermarche-preprod.baleen.cshield.net' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cdtm.preprod-cdiscount.com/ Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdtm.preprod-cdiscount.com
fonts.googleapis.com
fonts.gstatic.com
sfofbyvt-sword-intermarche-preprod.baleen.cshield.net
smetrics.cdiscount.com
tracking.cdiscount.com
cdtm.preprod-cdiscount.com
fonts.googleapis.com
159.60.128.129
185.231.164.36
2a00:1450:4001:800::2003
2a00:1450:4001:831::200a
62.122.15.195
63.140.62.214
0510c3c3e84ed0804bb03983cace2df58e650e1cdf554528f744a6351823f00b
1d878e124dee63e3bcd3a129ae3688f1c698e2e2fa6a0194bfd80e31768b8d0f
5aae44b89fea9208c41feaaea4fd9aeb276b728321d38f9fe8c97461c8aa8135
7e4f4d828ef8706c1e4b305bc2d89b08f38fdb68741d8ead898585a83b816110
87654435a1a2eb4f04b4214fd0417647cc81a3814a4fa1836d3742e8059f0ba2
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1eefd9a882caaccef1d60995f125ca9801f79ac51ef6318f2b30fe039cb54d6
e285f25de0dfd7aee8a3dff4b01e0d17cf788fea0edd1d7f4a5a5ab73053d0fb
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

sfofbyvt-sword-intermarche-preprod.baleen.cshield.net Open in urlscan Pro 185.231.164.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

27 %HTTPS

33 %IPv6

5 Domains

6 Subdomains

7 IPs

3 Countries

94 kBTransfer

100 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

3 Console Messages

Security Headers

Indicators

sfofbyvt-sword-intermarche-preprod.baleen.cshield.net Open in urlscan Pro
185.231.164.36 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

27 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

7
IPs

3
Countries

94 kB
Transfer

100 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions