bo.production.colisweb.com Open in urlscan Pro
99.81.71.149 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.service.decathlon.com/?qs=3e9d48ad4e2a6f9f39a47b0f9aa66679e9ffa24f7b4757dcb67df7d7b6308be2b23f0ff5e834335ef02ba12c9fba...
Effective URL:
https://bo.production.colisweb.com/clients/285/deliveries/coming-soon?SPMID=&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=DECATHLON_...
Submission: On December 20 via manual (December 20th 2021, 6:20:55 pm UTC) from FR — Scanned from FR

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 13 HTTP transactions. The main IP is 99.81.71.149, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is bo.production.colisweb.com.
TLS certificate: Issued by R3 on November 6th 2021. Valid for: 3 months.

This is the only time bo.production.colisweb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.165.241 13.111.165.241	22606 (EXACT-7) (EXACT-7)
6	99.81.71.149 99.81.71.149	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	46.137.106.10 46.137.106.10	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
13	4

1 13.111.165.241 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.service.decathlon.com

click.service.decathlon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.81.71.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-71-149.eu-west-1.compute.amazonaws.com

bo.production.colisweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.137.106.10 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-106-10.eu-west-1.compute.amazonaws.com

login.production.colisweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	colisweb.com bo.production.colisweb.com login.production.colisweb.com	119 KB
4	googleapis.com fonts.googleapis.com	4 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	decathlon.com 1 redirects click.service.decathlon.com	375 B
13	4

	Domain	Requested by
6	bo.production.colisweb.com	bo.production.colisweb.com
4	fonts.googleapis.com	bo.production.colisweb.com
2	login.production.colisweb.com	bo.production.colisweb.com
1	fonts.gstatic.com	fonts.googleapis.com
1	click.service.decathlon.com	1 redirects
13	5

This site contains no links.

Subject Issuer	Validity	Valid
bo.production.colisweb.com R3	`2021-11-06` - `2022-02-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
login.production.colisweb.com R3	`2021-11-06` - `2022-02-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bo.production.colisweb.com/clients/285/deliveries/coming-soon?SPMID=&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=DECATHLON_ECOMMERCE_FRANCE&utm_campaign=TRANSACTIONAL_CUBE_GET_ORDER_SHIPPED_FR
Frame ID: C641133C2D5686D5C938DC10A282A5CF
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Colisweb

Page URL History Show full URLs

https://click.service.decathlon.com/?qs=3e9d48ad4e2a6f9f39a47b0f9aa66679e9ffa24f7b4757dcb67df7d7b6308be2b23f0ff5... HTTP 302
https://bo.production.colisweb.com/clients/285/deliveries/coming-soon?SPMID=&PMSRC_CAMPAIGN=&utm_medium=email&u... Page URL

Page Statistics

13
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

167 kB
Transfer

497 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.service.decathlon.com/?qs=3e9d48ad4e2a6f9f39a47b0f9aa66679e9ffa24f7b4757dcb67df7d7b6308be2b23f0ff5e834335ef02ba12c9fbaa50b09bfb8d3a235218c8c81b4cb0c4d55d1 HTTP 302
https://bo.production.colisweb.com/clients/285/deliveries/coming-soon?SPMID=&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=DECATHLON_ECOMMERCE_FRANCE&utm_campaign=TRANSACTIONAL_CUBE_GET_ORDER_SHIPPED_FR Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request coming-soon Show response
bo.production.colisweb.com/clients/285/deliveries/
Redirect Chain

https://click.service.decathlon.com/?qs=3e9d48ad4e2a6f9f39a47b0f9aa66679e9ffa24f7b4757dcb67df7d7b6308be2b23f0ff5e834335ef02ba12c9fbaa50b09bfb8d3a235218c8c81b4cb0c4d55d1
https://bo.production.colisweb.com/clients/285/deliveries/coming-soon?SPMID=&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=DECATHLON_ECOMMERCE_FRANCE&utm_campaign=TRANSACTIONAL_CUBE_GET_ORDER_SHIPPED_FR

862 B
658 B

194ms
41ms

Document
text/html

99.81.71.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bo.production.colisweb.com/clients/285/deliveries/coming-soon?SPMID=&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=DECATHLON_ECOMMERCE_FRANCE&utm_campaign=TRANSACTIONAL_CUBE_GET_ORDER_SHIPPED_FR

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

99.81.71.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-71-149.eu-west-1.compute.amazonaws.com

Software

Resource Hash

c62ec87447a3e46357d82dbe979d2cd6fda0507a7d745834c50f2a2e81072ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9

Response headers

date: Mon, 20 Dec 2021 18:20:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding
cache-control: public, max-age=0
last-modified: Thu, 16 Dec 2021 14:28:17 GMT
etag: W/"35e-17dc3a4cbe8"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://bo.production.colisweb.com/clients/285/deliveries/coming-soon?SPMID=&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=DECATHLON_ECOMMERCE_FRANCE&utm_campaign=TRANSACTIONAL_CUBE_GET_ORDER_SHIPPED_FR
Date: Mon, 20 Dec 2021 18:20:50 GMT
Connection: close
Content-Length: 333

GET
H2 200 env.js Show response
bo.production.colisweb.com/login/ 524 B
442 B 48ms
47ms Script
application/javascript 99.81.71.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bo.production.colisweb.com/login/env.js

Requested by

Host: bo.production.colisweb.com
URL: https://bo.production.colisweb.com/clients/285/deliveries/coming-soon?SPMID=&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=DECATHLON_ECOMMERCE_FRANCE&utm_campaign=TRANSACTIONAL_CUBE_GET_ORDER_SHIPPED_FR

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

99.81.71.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-71-149.eu-west-1.compute.amazonaws.com

Software

Resource Hash

9a9ac4f9a472492e71dcb4eccff896dc736a838053295f04f36034fd4abfd5e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://bo.production.colisweb.com/clients/285/deliveries/coming-soon?SPMID=&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=DECATHLON_ECOMMERCE_FRANCE&utm_campaign=TRANSACTIONAL_CUBE_GET_ORDER_SHIPPED_FR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 18:20:51 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding
etag: W/"20c-Xr824Hbwd3V+NyooANSaC9a/XJg"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript; charset=utf-8

GET
H2 200 index.2cdf808f.js Show response
bo.production.colisweb.com/login/assets/ 10 KB
4 KB 47ms
47ms Script
application/javascript 99.81.71.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bo.production.colisweb.com/login/assets/index.2cdf808f.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

99.81.71.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-71-149.eu-west-1.compute.amazonaws.com

Software

Resource Hash

df8da60288e4bc5d532a44fbdbf02509b34f86418c1feedce09362a30b72c608

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://bo.production.colisweb.com/clients/285/deliveries/coming-soon?SPMID=&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=DECATHLON_ECOMMERCE_FRANCE&utm_campaign=TRANSACTIONAL_CUBE_GET_ORDER_SHIPPED_FR
Origin: https://bo.production.colisweb.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 18:20:51 GMT
content-encoding: gzip
last-modified: Thu, 16 Dec 2021 14:28:17 GMT
etag: W/"2930-17dc3a4cbe8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes

GET
H2 200 vendor.2f8f375a.js Show response
bo.production.colisweb.com/login/assets/ 341 KB
104 KB 67ms
67ms Script
application/javascript 99.81.71.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bo.production.colisweb.com/login/assets/vendor.2f8f375a.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

99.81.71.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-71-149.eu-west-1.compute.amazonaws.com

Software

Resource Hash

f3458c96ad5f390c6a8db669b9bc9729dda9037c401753fddb5c6e37ae25a1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://bo.production.colisweb.com/clients/285/deliveries/coming-soon?SPMID=&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=DECATHLON_ECOMMERCE_FRANCE&utm_campaign=TRANSACTIONAL_CUBE_GET_ORDER_SHIPPED_FR
Origin: https://bo.production.colisweb.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 18:20:51 GMT
content-encoding: gzip
last-modified: Thu, 16 Dec 2021 14:28:17 GMT
etag: W/"555ae-17dc3a4cbe8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes

GET
H2 200 index.fe721449.css
bo.production.colisweb.com/login/assets/ 42 KB
9 KB 50ms
50ms Stylesheet
text/css 99.81.71.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bo.production.colisweb.com/login/assets/index.fe721449.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

99.81.71.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-71-149.eu-west-1.compute.amazonaws.com

Software

Resource Hash

1afcf8515f2dc095b8eca2ecfb3940682bf7cb9bfcdd7b4990a8c1d31fa28e1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://bo.production.colisweb.com/clients/285/deliveries/coming-soon?SPMID=&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=DECATHLON_ECOMMERCE_FRANCE&utm_campaign=TRANSACTIONAL_CUBE_GET_ORDER_SHIPPED_FR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 18:20:51 GMT
content-encoding: gzip
last-modified: Thu, 16 Dec 2021 14:28:17 GMT
etag: W/"a7ec-17dc3a4cbe8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 109ms
40ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700

Requested by

Host: bo.production.colisweb.com
URL: https://bo.production.colisweb.com/login/assets/index.fe721449.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ee4f51dd947adfe2b0317e9e0d22f0565444c104d9dd843bb45a89d5fe2fcaf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://bo.production.colisweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Dec 2021 18:20:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 20 Dec 2021 18:20:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Dec 2021 18:20:51 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
860 B 120ms
52ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,500,600,700

Requested by

Host: bo.production.colisweb.com
URL: https://bo.production.colisweb.com/login/assets/index.fe721449.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0c3d1e77d12e60239872f50e04160c5c8f76db38acadf0b4beeff651b9fd073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://bo.production.colisweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Dec 2021 18:17:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 20 Dec 2021 18:20:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Dec 2021 18:20:51 GMT

GET
H2 200 css2
fonts.googleapis.com/ 27 KB
1 KB 111ms
43ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Mono:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,600;1,700&display=swap

Requested by

Host: bo.production.colisweb.com
URL: https://bo.production.colisweb.com/login/assets/index.fe721449.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ef52d5225c4a5870321f08ae3880ea2d5ff4c49f9cc25c88fdbdc4cd709e188f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://bo.production.colisweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Dec 2021 18:20:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 20 Dec 2021 18:20:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Dec 2021 18:20:51 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
714 B 108ms
41ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Fira+Code:wght@300;400;500;600;700&display=swap

Requested by

Host: bo.production.colisweb.com
URL: https://bo.production.colisweb.com/login/assets/index.fe721449.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9cae093cf235ed37aaa15bcd050f81ee82336fe7eaa612b9d74ffbf17ce10fe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://bo.production.colisweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Dec 2021 18:16:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 20 Dec 2021 18:20:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Dec 2021 18:20:51 GMT

OPTIONS
H2 204 session
login.production.colisweb.com/api/ 0
0 187ms
36ms Preflight 46.137.106.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.production.colisweb.com/api/session
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.137.106.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-137-106-10.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: PUT
Origin: https://bo.production.colisweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 20 Dec 2021 18:20:51 GMT
access-control-allow-origin: https://bo.production.colisweb.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-max-age: 1728000
content-length: 0

PUT
H2 401 session Show response
login.production.colisweb.com/api/ 81 B
506 B 120ms
42ms XHR
application/json 46.137.106.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.production.colisweb.com/api/session

Requested by

Host: bo.production.colisweb.com
URL: https://bo.production.colisweb.com/login/assets/vendor.2f8f375a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.137.106.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-46-137-106-10.eu-west-1.compute.amazonaws.com

Software

Resource Hash

c7c588aed92e65c7d87fa01f23d4ba16916a2af4fc032c51052b7230879804a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://bo.production.colisweb.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 18:20:51 GMT
etag: W/"51-nnUPVXYdSkFsBJpbPs+Ol/awiRA"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bo.production.colisweb.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 81

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 99ms
30ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bo.production.colisweb.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 00:14:34 GMT
x-content-type-options: nosniff
age: 497177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 00:14:34 GMT

GET
H2 200 logo.svg
bo.production.colisweb.com/login/assets/ 2 KB
1 KB 41ms
40ms Image
image/svg+xml 99.81.71.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bo.production.colisweb.com/login/assets/logo.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

99.81.71.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-71-149.eu-west-1.compute.amazonaws.com

Software

Resource Hash

cb033c643cc7d1c6391539159158909e3556a4c2ae3e25d6891e4191f4c95e62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://bo.production.colisweb.com/clients/285/deliveries/coming-soon?SPMID=&PMSRC_CAMPAIGN=&utm_medium=email&utm_source=DECATHLON_ECOMMERCE_FRANCE&utm_campaign=TRANSACTIONAL_CUBE_GET_ORDER_SHIPPED_FR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 18:20:51 GMT
content-encoding: gzip
last-modified: Thu, 16 Dec 2021 14:28:16 GMT
etag: W/"60e-17dc3a4c800"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://login.production.colisweb.com/api/session Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bo.production.colisweb.com
click.service.decathlon.com
fonts.googleapis.com
fonts.gstatic.com
login.production.colisweb.com
13.111.165.241
2a00:1450:4001:808::200a
2a00:1450:4001:810::2003
46.137.106.10
99.81.71.149
1afcf8515f2dc095b8eca2ecfb3940682bf7cb9bfcdd7b4990a8c1d31fa28e1c
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
9a9ac4f9a472492e71dcb4eccff896dc736a838053295f04f36034fd4abfd5e2
9cae093cf235ed37aaa15bcd050f81ee82336fe7eaa612b9d74ffbf17ce10fe3
c62ec87447a3e46357d82dbe979d2cd6fda0507a7d745834c50f2a2e81072ab1
c7c588aed92e65c7d87fa01f23d4ba16916a2af4fc032c51052b7230879804a0
cb033c643cc7d1c6391539159158909e3556a4c2ae3e25d6891e4191f4c95e62
df8da60288e4bc5d532a44fbdbf02509b34f86418c1feedce09362a30b72c608
e0c3d1e77d12e60239872f50e04160c5c8f76db38acadf0b4beeff651b9fd073
ee4f51dd947adfe2b0317e9e0d22f0565444c104d9dd843bb45a89d5fe2fcaf9
ef52d5225c4a5870321f08ae3880ea2d5ff4c49f9cc25c88fdbdc4cd709e188f
f3458c96ad5f390c6a8db669b9bc9729dda9037c401753fddb5c6e37ae25a1b2

bo.production.colisweb.com Open in urlscan Pro 99.81.71.149 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

13 Requests

100 %HTTPS

40 %IPv6

4 Domains

5 Subdomains

4 IPs

3 Countries

167 kBTransfer

497 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

bo.production.colisweb.com Open in urlscan Pro
99.81.71.149 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

167 kB
Transfer

497 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions