URL: https://sso-discourse.dhatim.fr/
Submission Tags: phishingrod
Submission: On March 17 via api from DE — Scanned from FR

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 51.68.112.120, located in France and belongs to OVH, FR. The main domain is sso-discourse.dhatim.fr.
TLS certificate: Issued by R3 on January 17th 2024. Valid for: 3 months.
This is the only time sso-discourse.dhatim.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address      AS (Autonomous System)
1         51.68.112.120   16276 (OVH)
1         13.224.189.74   16509 (AMAZON-02)
3         18.245.46.55    16509 (AMAZON-02)
1         3.232.65.135    14618 (AMAZON-AES)
Total: 6 requests, 4 IPs
Requests  Apex Domain      Subdomains                                                                                   Transfer
3         intercomcdn.com  js.intercomcdn.com (Cisco Umbrella Rank: 1982)                                               300 KB
2         intercom.io      widget.intercom.io (Cisco Umbrella Rank: 1710); api-iam.intercom.io (Cisco Umbrella Rank: 1979)  6 KB
1         dhatim.fr        sso-discourse.dhatim.fr                                                                      2 KB
Total: 6 requests, 3 apex domains
Requests  Domain                   Requested by
3         js.intercomcdn.com       widget.intercom.io, js.intercomcdn.com
1         api-iam.intercom.io      js.intercomcdn.com
1         widget.intercom.io       sso-discourse.dhatim.fr
1         sso-discourse.dhatim.fr  (none; primary request)
Total: 6 requests, 4 domains

This site contains links to these domains:

conciliator.statuspage.io
TLS certificates

Subject                  Issuer               Validity                  Valid for
sso-discourse.dhatim.fr  R3                   2024-01-17 to 2024-04-16  3 months (crt.sh)
*.intercom.com           Amazon RSA 2048 M03  2024-01-15 to 2025-02-11  a year (crt.sh)
*.intercomcdn.com        Amazon RSA 2048 M02  2023-12-01 to 2024-12-29  a year (crt.sh)

This page contains 2 frames:

Primary Page: https://sso-discourse.dhatim.fr/
Frame ID: 20AF154FF32C3EAA1339CFCAD98E6904
Requests: 2 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.002303dd.js
Frame ID: 17587AF60DF6382B48C1FE00A421C9FB
Requests: 4 HTTP requests in this frame

Page Title

Site en maintenance

Page Statistics

Requests: 6
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 4
IPs: 4
Countries: 2
Transfer: 307 kB
Size: 1043 kB
Cookies: 3

6 HTTP transactions

Resource: / (Primary Request)
Path: sso-discourse.dhatim.fr/
Size: 2 KB
Transfer: 2 KB
Type: Document
General
Full URL
https://sso-discourse.dhatim.fr/
Protocol
HTTP/1.0
Security
TLS 1.3, AES_128_GCM
Server
51.68.112.120, France, ASN16276 (OVH, FR)
Reverse DNS
Software
/
Resource Hash
f0dc1d41c6665566b08e161affe75d1d31d4d79a4949894a80b7d91c3d0de122

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-cache
content-type
text/html
Resource: x5cut0js
Path: widget.intercom.io/widget/
Size: 7 KB
Transfer: 3 KB
Type: Script
General
Full URL
https://widget.intercom.io/widget/x5cut0js
Requested by
Host: sso-discourse.dhatim.fr
URL: https://sso-discourse.dhatim.fr/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.224.189.74, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-224-189-74.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91f88ddbc9761b14fe647f164bd8c97a082b8f0485a8a94cc6b675deae1f8eac

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sso-discourse.dhatim.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
epIWH2qhWu3PUcL1LBM9TBZV4GOsmlAF
content-encoding
gzip
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
date
Sun, 17 Mar 2024 10:10:52 GMT
x-amz-cf-pop
FRA2-C1
age
186
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2705
last-modified
Fri, 15 Mar 2024 17:40:43 GMT
server
AmazonS3
etag
"4007522e766d4f64b4cfc9062b928f78"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
WzJzScsF1TN9OWXzQSltMGFs5YgnfalNS0uvackSuFNhfjgsFN5WgA==
Resource: frame-modern.002303dd.js
Path: js.intercomcdn.com/ (Frame 1758)
Size: 513 KB
Transfer: 142 KB
Type: Script
General
Full URL
https://js.intercomcdn.com/frame-modern.002303dd.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/x5cut0js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
18.245.46.55, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1fa35188253b5e2e467bfad9d6426b4ad82fcc813fcc7a617b1f90dbeab4722
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
GlMKXLrn_nojHFGhzzWrDJlqDYEVYYyP
content-encoding
gzip
via
1.1 6373f5d706cb8d973f3ced2fc572f6a8.cloudfront.net (CloudFront)
date
Sun, 17 Mar 2024 08:20:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
6803
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
144406
last-modified
Fri, 15 Mar 2024 17:37:53 GMT
server
AmazonS3
etag
"a9306213924416144e29b008e126464f"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
KPFaXRUkGACrZkR8XOHQ_KOIlglSg0nqp_YJT6fmvYB0CbjRO9qjUQ==
Resource: vendor-modern.9921b73c.js
Path: js.intercomcdn.com/ (Frame 1758)
Size: 483 KB
Transfer: 148 KB
Type: Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.9921b73c.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/x5cut0js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
18.245.46.55, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cad3500791a788df6463f08be3d2cd07785f0f24b90d403fa17392a47469f0ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
JGwlITCH9K56zyS9JOXcOwq5NPOPQdaV
content-encoding
gzip
via
1.1 6373f5d706cb8d973f3ced2fc572f6a8.cloudfront.net (CloudFront)
date
Sun, 17 Mar 2024 09:59:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
852
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
151135
last-modified
Fri, 15 Mar 2024 17:37:53 GMT
server
AmazonS3
etag
"ae95e8cfe55350008dcd098ebbe4cee3"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
0sXoslmpHYlDB1RHCDJxBnP6SH4IEpir1kn2x1IFjgBmDaij7FzIOw==
Resource: ping
Path: api-iam.intercom.io/messenger/web/ (Frame 1758)
Size: 4 KB
Transfer: 2 KB
Type: XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.002303dd.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
3.232.65.135, Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-3-232-65-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6dbdc8803e7ea1979d63c8dba61faca12a9b7ce8f40a78a1cb2efd15fdf5b3e2
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 17 Mar 2024 10:13:58 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-04e75d817d474162f
status
200 OK
x-xss-protection
1; mode=block
x-request-id
008gltd9pjmvc73vfu9g
x-runtime
0.383301
server
nginx
etag
W/"6dbdc8803e7ea1979d63c8dba61faca1"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sso-discourse.dhatim.fr
x-intercom-version
7151a9a5340731d6ea899aea90c272ee20111bb0
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
Resource: vendors~locale-fr-json-modern.938a7b2c.js
Path: js.intercomcdn.com/ (Frame 1758)
Size: 34 KB
Transfer: 10 KB
Type: Script
General
Full URL
https://js.intercomcdn.com/vendors~locale-fr-json-modern.938a7b2c.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.002303dd.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
18.245.46.55, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9053c6b26cfdcc4d560b3e22fecf4d3ee390eba8fc44133120c7c64beb764e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
kmKTHJs.dFH8A1AnGqpMcXukHSmrWuUB
content-encoding
gzip
via
1.1 6373f5d706cb8d973f3ced2fc572f6a8.cloudfront.net (CloudFront)
date
Sun, 17 Mar 2024 08:41:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
5555
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9412
last-modified
Fri, 15 Mar 2024 17:37:55 GMT
server
AmazonS3
etag
"893f569dff28620a8f7626ffa934c9c4"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
ubLTcy5KiHECcUJXn-WJCsEjoD6mmae5zV5sOBqLk1plQEb0clkqbw==

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    0
object    intercomSettings
function  Intercom
function  __intercomAssignLocation
function  __intercomReloadLocation

3 Cookies

Domain/Path  Name                         Value
.dhatim.fr/  intercom-id-x5cut0js         822c12cd-d89e-4882-ad5a-8e11caa358a0
.dhatim.fr/  intercom-session-x5cut0js    (empty)
.dhatim.fr/  intercom-device-id-x5cut0js  e212171f-316d-459a-92fa-1c26d06ce835

1 Console Messages

Source: network
Level: error
URL: https://sso-discourse.dhatim.fr/
Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)