urlscan.io logo urlscan.io
SecurityTrails logo

lecashback-societegenerale.e-bons.fr Open in urlscan Pro
52.30.54.175  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://lecashback-societegenerale.e-bons.fr/e-carte-cadeau-maisons-du-monde.html
Effective URL: https://lecashback-societegenerale.e-bons.fr/sg-connexion
Submission: On April 07 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 28 HTTP transactions. The main IP is 52.30.54.175, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is lecashback-societegenerale.e-bons.fr.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 17th 2024. Valid for: a year.
This is the only time lecashback-societegenerale.e-bons.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 52.30.54.175 16509 (AMAZON-02)
22 143.204.215.21 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2602:816:5001... 54113 (FASTLY)
1 162.247.243.29 54113 (FASTLY)
28 8
3    52.30.54.175 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-54-175.eu-west-1.compute.amazonaws.com
lecashback-societegenerale.e-bons.fr
22    143.204.215.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-21.fra53.r.cloudfront.net
static.ma-carte-cadeau.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.243.29 (United States)

ASN54113 (FASTLY, US)
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
22 ma-carte-cadeau.com
static.ma-carte-cadeau.com
530 KB
3 e-bons.fr
lecashback-societegenerale.e-bons.fr
37 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 250
632 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 655
18 KB
1 gstatic.com
fonts.gstatic.com
39 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
83 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38
1 KB
28 7
Domain Requested by
22 static.ma-carte-cadeau.com lecashback-societegenerale.e-bons.fr
3 lecashback-societegenerale.e-bons.fr 2 redirects
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com lecashback-societegenerale.e-bons.fr
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com lecashback-societegenerale.e-bons.fr
1 fonts.googleapis.com lecashback-societegenerale.e-bons.fr
28 7

This site contains links to these domains. Also see Links.

Domain
www.mozilla.org
www.google.com
support.apple.com
Subject Issuer Validity Valid
e-bons.fr
Amazon RSA 2048 M02		 2024-02-17 -
2025-03-17		 a year crt.sh
static.ma-carte-cadeau.com
Amazon RSA 2048 M02		 2023-11-13 -
2024-12-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-03-21 -
2025-04-22		 a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://lecashback-societegenerale.e-bons.fr/sg-connexion
Frame ID: 293D6C2391BCCF29805CCC5105210E6C
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Erreur connexion

Page URL History Show full URLs

  1. https://lecashback-societegenerale.e-bons.fr/e-carte-cadeau-maisons-du-monde.html HTTP 302
    https://lecashback-societegenerale.e-bons.fr/sg-connexion/ HTTP 301
    https://lecashback-societegenerale.e-bons.fr/sg-connexion Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

28
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

8
IPs

3
Countries

700 kB
Transfer

2762 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lecashback-societegenerale.e-bons.fr/e-carte-cadeau-maisons-du-monde.html HTTP 302
    https://lecashback-societegenerale.e-bons.fr/sg-connexion/ HTTP 301
    https://lecashback-societegenerale.e-bons.fr/sg-connexion Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sg-connexion
lecashback-societegenerale.e-bons.fr/
Redirect Chain
  • https://lecashback-societegenerale.e-bons.fr/e-carte-cadeau-maisons-du-monde.html
  • https://lecashback-societegenerale.e-bons.fr/sg-connexion/
  • https://lecashback-societegenerale.e-bons.fr/sg-connexion
103 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lecashback-societegenerale.e-bons.fr/sg-connexion
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.54.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-54-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d625d9077a1b6b636320b591a67fc0e91b8a4c31f7cc66e85e408c1dc435579c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
fr-FR,fr;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,X-Requested-From,If-Modified-Since,Cache-Control,Content-Type,Range,x-csrf-token,x-client-id,Authorization
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin
http://lecashback-societegenerale.e-bons.fr
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-encoding
gzip
content-security-policy-report-only
font-src fonts.googleapis.com fonts.gstatic.com *.googleapis.com *.gstatic.com data: https://cdn.checkout.com *.fontawesome.com payment.payline.com payment-2.payline.com homologation-payment.payline.com homologation-payment-2.payline.com payment.cdn.payline.com homologation-payment.cdn.payline.com *.ma-carte-cadeau.com v2.zopim.com maxcdn.bootstrapcdn.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.adyen.com https://connect-v2.fintecture.com https://connect-v2-sbx.fintecture.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net www.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com player.vimeo.com *.youtube.com https://www.google.com/recaptcha/ *.adyen.com www.google.com https://js.checkout.com *.klarna.com payment.payline.com payment-2.payline.com homologation-payment.payline.com homologation-payment-2.payline.com payment.cdn.payline.com homologation-payment.cdn.payline.com *.google.com v2.zopim.com *.pulse-systems.com/ *.hotjar.com sibautomation.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com *.google-analytics.com analytics.google.com www.googletagmanager.com *.vimeocdn.com i.ytimg.com *.youtube.com *.adyen.com maps.googleapis.com maps.gstatic.com *.gstatic.com *.googleapis.com https://assets.fintecture.com https://images.unsplash.com payment.payline.com payment-2.payline.com homologation-payment.payline.com homologation-payment-2.payline.com payment.cdn.payline.com homologation-payment.cdn.payline.com *.ma-carte-cadeau.com *.google.fr *.google.com *.googletagmanager.com v2.zopim.com *.facebook.com assets.fintecture.com *.hsforms.net *.hsforms.com 'self' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com googleads.g.doubleclick.net *.googleadservices.com *.google-analytics.com analytics.google.com *.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ *.adyen.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com *.gstatic.com https://cdn.jsdelivr.net/npm/@ryangjchandler/spruce@2.x.x/dist/spruce.umd.js www.google.com/recaptcha/ www.gstatic.com/recaptcha/ https://cdn.checkout.com *.klarnacdn.net *.avada.io payment.payline.com payment-2.payline.com homologation-payment.payline.com homologation-payment-2.payline.com payment.cdn.payline.com homologation-payment.cdn.payline.com *.google.com *.ma-carte-cadeau.com cdn.jsdelivr.net code.jquery.com *.newrelic.com v2.zopim.com *.zdassets.com *.facebook.com *.facebook.net *.nr-data.net *.metaffiliation.com *.hotjar.com *.raygun.io sibautomation.com *.abtasty.com *.hsforms.net *.hsforms.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https://cdn.checkout.com *.fontawesome.com payment.payline.com payment-2.payline.com homologation-payment.payline.com homologation-payment-2.payline.com payment.cdn.payline.com homologation-payment.cdn.payline.com *.googleapis.com *.ma-carte-cadeau.com cdn.jsdelivr.net v2.zopim.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com static.zdassets.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.googleadservices.com *.google-analytics.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.adyen.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com https://js.checkout.com *.klarnaevt.com https://get.geojs.io *.avada.io payment.payline.com payment-2.payline.com homologation-payment.payline.com homologation-payment-2.payline.com payment.cdn.payline.com homologation-payment.cdn.payline.com wss://iczu39cgj5.execute-api.eu-west-1.amazonaws.com *.ma-carte-cadeau.com v2.zopim.com *.zdassets.com wss://widget-mediator.zopim.com *.zendesk.com *.nr-data.net *.g.doubleclick.net *.hotjar.com *.hotjar.io *.raygun.io *.sendinblue.com *.brevo.com *.abtasty.com *.s3.amazonaws.com t.elasticsuite.io *.hsforms.net *.hsforms.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Sun, 07 Apr 2024 14:54:48 GMT
expires
Fri, 07 Apr 2023 06:57:38 GMT
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,X-Requested-From,If-Modified-Since,Cache-Control,Content-Type,Range,x-csrf-token,x-client-id,Authorization
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin
http://lecashback-societegenerale.e-bons.fr
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-security-policy-report-only
font-src fonts.googleapis.com fonts.gstatic.com *.googleapis.com *.gstatic.com data: https://cdn.checkout.com *.fontawesome.com payment.payline.com payment-2.payline.com homologation-payment.payline.com homologation-payment-2.payline.com payment.cdn.payline.com homologation-payment.cdn.payline.com *.ma-carte-cadeau.com v2.zopim.com maxcdn.bootstrapcdn.com 'self' data: data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.adyen.com https://connect-v2.fintecture.com https://connect-v2-sbx.fintecture.com 'self' 'unsafe-inline'; frame-ancestors www.gstatic.com 'self'; frame-src fast.amc.demdex.net *.adobe.com bid.g.doubleclick.net www.youtube.com *.youtube-nocookie.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com player.vimeo.com *.youtube.com https://www.google.com/recaptcha/ *.adyen.com www.google.com https://js.checkout.com *.klarna.com payment.payline.com payment-2.payline.com homologation-payment.payline.com homologation-payment-2.payline.com payment.cdn.payline.com homologation-payment.cdn.payline.com *.google.com v2.zopim.com *.pulse-systems.com/ *.hotjar.com sibautomation.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: googleads.g.doubleclick.net www.google.com bid.g.doubleclick.net www.googleadservices.com *.google-analytics.com analytics.google.com www.googletagmanager.com *.vimeocdn.com i.ytimg.com *.youtube.com *.adyen.com maps.googleapis.com maps.gstatic.com *.gstatic.com *.googleapis.com https://assets.fintecture.com https://images.unsplash.com payment.payline.com payment-2.payline.com homologation-payment.payline.com homologation-payment-2.payline.com payment.cdn.payline.com homologation-payment.cdn.payline.com *.ma-carte-cadeau.com *.google.fr *.google.com *.googletagmanager.com v2.zopim.com *.facebook.com assets.fintecture.com *.hsforms.net *.hsforms.com 'self' data: data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com googleads.g.doubleclick.net *.googleadservices.com *.google-analytics.com analytics.google.com *.googletagmanager.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com *.youtube.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ *.adyen.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com *.gstatic.com https://cdn.jsdelivr.net/npm/@ryangjchandler/spruce@2.x.x/dist/spruce.umd.js www.google.com/recaptcha/ www.gstatic.com/recaptcha/ https://cdn.checkout.com *.klarnacdn.net *.avada.io payment.payline.com payment-2.payline.com homologation-payment.payline.com homologation-payment-2.payline.com payment.cdn.payline.com homologation-payment.cdn.payline.com *.google.com *.ma-carte-cadeau.com cdn.jsdelivr.net code.jquery.com *.newrelic.com v2.zopim.com *.zdassets.com *.facebook.com *.facebook.net *.nr-data.net *.metaffiliation.com *.hotjar.com *.raygun.io sibautomation.com *.abtasty.com *.hsforms.net *.hsforms.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com fonts.googleapis.com https://cdn.checkout.com *.fontawesome.com payment.payline.com payment-2.payline.com homologation-payment.payline.com homologation-payment-2.payline.com payment.cdn.payline.com homologation-payment.cdn.payline.com *.googleapis.com *.ma-carte-cadeau.com cdn.jsdelivr.net v2.zopim.com *.gstatic.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com static.zdassets.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net www.googleadservices.com *.google-analytics.com analytics.google.com www.googletagmanager.com vimeo.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com *.adyen.com maps.googleapis.com maps.gstatic.com fonts.googleapis.com *.googleapis.com https://js.checkout.com *.klarnaevt.com https://get.geojs.io *.avada.io payment.payline.com payment-2.payline.com homologation-payment.payline.com homologation-payment-2.payline.com payment.cdn.payline.com homologation-payment.cdn.payline.com wss://iczu39cgj5.execute-api.eu-west-1.amazonaws.com *.ma-carte-cadeau.com v2.zopim.com *.zdassets.com wss://widget-mediator.zopim.com *.zendesk.com *.nr-data.net *.g.doubleclick.net *.hotjar.com *.hotjar.io *.raygun.io *.sendinblue.com *.brevo.com *.abtasty.com *.s3.amazonaws.com t.elasticsuite.io *.hsforms.net *.hsforms.com 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Sun, 07 Apr 2024 14:54:48 GMT
expires
Fri, 07 Apr 2023 14:54:48 GMT
location
https://lecashback-societegenerale.e-bons.fr/sg-connexion
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
societe_generale_styles.min.css
static.ma-carte-cadeau.com/frontend/Mcc/default/fr_FR/css/ 		228 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.ma-carte-cadeau.com/frontend/Mcc/default/fr_FR/css/societe_generale_styles.min.css?v=2.47.30
Requested by
Host: lecashback-societegenerale.e-bons.fr
URL: https://lecashback-societegenerale.e-bons.fr/sg-connexion
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-21.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
788209a206794181983516343487bd3c8864f2d97e6b15456196680fc0847ecf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lecashback-societegenerale.e-bons.fr/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 12:42:35 GMT
content-encoding
br
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
24927
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Apr 2024 07:48:57 GMT
server
AmazonS3
etag
W/"dbd902947387d6a6ba1354724858d145"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public,max-age=31536000
x-amz-cf-id
6vu_G_5VQ8PWXpdpt5lfwQbrwu5EM-l4JhGrjqgaXBJnyjvzfi2_oQ==
css2
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;1,400&display=swap
Requested by
Host: lecashback-societegenerale.e-bons.fr
URL: https://lecashback-societegenerale.e-bons.fr/sg-connexion
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b6ca056c35d7b290bd4a6f7df724b475da50a7a7a3d52e50a3bf92903b9335b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lecashback-societegenerale.e-bons.fr/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 07 Apr 2024 14:54:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 07 Apr 2024 14:54:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Apr 2024 14:54:48 GMT
logo-shop-2000.png
static.ma-carte-cadeau.com/media/logo/websites/23/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ma-carte-cadeau.com/media/logo/websites/23/logo-shop-2000.png
Requested by
Host: lecashback-societegenerale.e-bons.fr
URL: https://lecashback-societegenerale.e-bons.fr/sg-connexion
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-21.fra53.r.cloudfront.net
Software
/
Resource Hash
28efb8da1fcbb491affca535980c7669ccdaabeffe8751f06a1d981322e1973e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lecashback-societegenerale.e-bons.fr/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 17:18:04 GMT
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
77804
x-cache
Hit from cloudfront
content-length
43616
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 28 Sep 2021 15:41:41 GMT
etag
"615337b5-aa60"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
image/png
cache-control
public,max-age=31536000
accept-ranges
bytes
x-amz-cf-id
NDAF9yJKFai04Qd771hI0k7jWWIjLcG0Aic6LWJEpgt9P4m6y2v_hg==
require.min.js
static.ma-carte-cadeau.com/frontend/Mcc/default/fr_FR/requirejs/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ma-carte-cadeau.com/frontend/Mcc/default/fr_FR/requirejs/require.min.js?v=2.47.30
Requested by
Host: lecashback-societegenerale.e-bons.fr
URL: https://lecashback-societegenerale.e-bons.fr/sg-connexion
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-21.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9685cb71997926787800eb8cc0b13873e0f39eb2a5e00a4005054480000dc27f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lecashback-societegenerale.e-bons.fr/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 08:12:52 GMT
content-encoding
br
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
25110
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Apr 2024 07:49:02 GMT
server
AmazonS3
etag
W/"d2949460847ba3769b0f0c6be6acc0ae"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public,max-age=31536000
x-amz-cf-id
zYh-ky9KLRg_ftCV8I64gUmJMdMotOnrh1N9d0EXSAhGn0BCeqxm3A==
default-bundle0.min.js
static.ma-carte-cadeau.com/frontend/Mcc/default/fr_FR/Mcc_AdvancedBundle/js/bundle/ 		1 MB
245 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ma-carte-cadeau.com/frontend/Mcc/default/fr_FR/Mcc_AdvancedBundle/js/bundle/default-bundle0.min.js?v=2.47.30
Requested by
Host: lecashback-societegenerale.e-bons.fr
URL: https://lecashback-societegenerale.e-bons.fr/sg-connexion
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-21.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
98d3e43a3d98cf37d9599af8693a990d5676cb91918ef49ab9b23e4347d614e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lecashback-societegenerale.e-bons.fr/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 08:12:52 GMT
content-encoding
br
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
24940
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Apr 2024 07:48:53 GMT
server
AmazonS3
etag
W/"6a6b4c9b1a7680b232741f67602ea45d"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public,max-age=31536000
x-amz-cf-id
h_3oiCQeZ5eogUGH3YoXztA_t0LKsBeCwJhRUHxBku_ViRUb2vmVmQ==
default-bundle1.min.js
static.ma-carte-cadeau.com/frontend/Mcc/default/fr_FR/Mcc_AdvancedBundle/js/bundle/ 		233 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ma-carte-cadeau.com/frontend/Mcc/default/fr_FR/Mcc_AdvancedBundle/js/bundle/default-bundle1.min.js?v=2.47.30
Requested by
Host: lecashback-societegenerale.e-bons.fr
URL: https://lecashback-societegenerale.e-bons.fr/sg-connexion
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-21.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0b3a1833b1fcd9dd58d65cb2db20cddeade74343a83cce55cf086b871dedce9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lecashback-societegenerale.e-bons.fr/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 08:12:52 GMT
content-encoding
br
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
25110
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Apr 2024 07:48:53 GMT
server
AmazonS3
etag
W/"3be2203fbe02818d9690490c035e8885"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public,max-age=31536000
x-amz-cf-id
X2o07zD65jO7uYw2iBtctjlyS4JQpm77-QvRBxK-dhM0qZ0bOm_3oQ==
default-bundle2.min.js
static.ma-carte-cadeau.com/frontend/Mcc/default/fr_FR/Mcc_AdvancedBundle/js/bundle/ 		24 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ma-carte-cadeau.com/frontend/Mcc/default/fr_FR/Mcc_AdvancedBundle/js/bundle/default-bundle2.min.js?v=2.47.30
Requested by
Host: lecashback-societegenerale.e-bons.fr
URL: https://lecashback-societegenerale.e-bons.fr/sg-connexion
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-21.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8e0f790200d092b35e00a7da625a2ec6d3b14c7389631a20cd3c428aba48363
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lecashback-societegenerale.e-bons.fr/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 08:12:52 GMT
content-encoding
br
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
25110
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Apr 2024 07:48:53 GMT
server
AmazonS3
etag
W/"9aa969eabe3611c4b19c5c7e23980290"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public,max-age=31536000
x-amz-cf-id
dNtzCa98PcAWrBIqFFakojqbPvrNmoj34GxA7IBO-w1KBBYREJz5FA==
static.min.js
static.ma-carte-cadeau.com/frontend/Mcc/default/fr_FR/mage/requirejs/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ma-carte-cadeau.com/frontend/Mcc/default/fr_FR/mage/requirejs/static.min.js?v=2.47.30
Requested by
Host: lecashback-societegenerale.e-bons.fr
URL: https://lecashback-societegenerale.e-bons.fr/sg-connexion
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-21.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e5f0cc14ea3f6828ccae339fcb67d02dc6ffc4b40d5682bcd10815a6d9dead0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lecashback-societegenerale.e-bons.fr/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 08:12:52 GMT
content-encoding
br
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
25110
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Apr 2024 07:49:01 GMT
server
AmazonS3
etag
W/"4b089369c3d2d8b183c9474f87155e8b"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public,max-age=31536000
x-amz-cf-id
yZEgWk9HjWXGNuVB5JZEvqCIRLOhXP2e49hIOo4IT3OVe7JdZbufRA==
requirejs-min-resolver.min.js
static.ma-carte-cadeau.com/frontend/Mcc/default/fr_FR/ 		314 B
888 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ma-carte-cadeau.com/frontend/Mcc/default/fr_FR/requirejs-min-resolver.min.js?v=2.47.30
Requested by
Host: lecashback-societegenerale.e-bons.fr
URL: https://lecashback-societegenerale.e-bons.fr/sg-connexion
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-21.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
519d92bd4f608a55c1fd141858dacbf6b3917e955d142164a60ad5da7f639279
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lecashback-societegenerale.e-bons.fr/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 08:12:52 GMT
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
25126
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
314
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Apr 2024 07:49:02 GMT
server
AmazonS3
etag
"9b5832fee774c3a7b35b7718d86d3a32"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public,max-age=31536000
accept-ranges
bytes
x-amz-cf-id
m1qAeirxK_mGfzvPuXxCCO01T-H_w33NqDpyqSXUFKwr-6JDoymRBw==
mixins.min.js
static.ma-carte-cadeau.com/frontend/Mcc/default/fr_FR/mage/requirejs/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ma-carte-cadeau.com/frontend/Mcc/default/fr_FR/mage/requirejs/mixins.min.js?v=2.47.30
Requested by
Host: lecashback-societegenerale.e-bons.fr
URL: https://lecashback-societegenerale.e-bons.fr/sg-connexion
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-21.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dbc993c0ca90c7beecabc98795fe3664c8c5f4e77fbcea295580367fac44c58a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lecashback-societegenerale.e-bons.fr/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 08:12:52 GMT
content-encoding
br
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
25110
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Apr 2024 07:49:01 GMT
server
AmazonS3
etag
W/"f44d33cdd0f320e0fa804433bb856300"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public,max-age=31536000
x-amz-cf-id
phkxTicSagbDqwnnjQ8Fz7QwTarlkZBlnb7QyzTtcTuZJRUHk5qglw==
requirejs-config.min.js
static.ma-carte-cadeau.com/frontend/Mcc/default/fr_FR/ 		25 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ma-carte-cadeau.com/frontend/Mcc/default/fr_FR/requirejs-config.min.js?v=2.47.30
Requested by
Host: lecashback-societegenerale.e-bons.fr
URL: https://lecashback-societegenerale.e-bons.fr/sg-connexion
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-21.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a811f61ae8cf5cd8fb7da2cd2aa63bc9c79115630effea07fb1ba7e5829d3ff4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lecashback-societegenerale.e-bons.fr/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 08:12:52 GMT
content-encoding
br
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
25110
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Apr 2024 07:49:02 GMT
server
AmazonS3
etag
W/"ca05edee015e87e84a8798ea7b216d8b"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public,max-age=31536000
x-amz-cf-id
fH7QDwwsHi66_7FknXUUJ95ruodrjV6qObQgfcyUNS1TcbWQzgBMDg==
tracking.min.js
static.ma-carte-cadeau.com/frontend/Mcc/default/fr_FR/Smile_ElasticsuiteTracker/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ma-carte-cadeau.com/frontend/Mcc/default/fr_FR/Smile_ElasticsuiteTracker/js/tracking.min.js?v=2.47.30
Requested by
Host: lecashback-societegenerale.e-bons.fr
URL: https://lecashback-societegenerale.e-bons.fr/sg-connexion
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-21.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f04e2a626004cdfa66c1fa31076f21bb04bb66206f8770f99dd3416b2055fc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lecashback-societegenerale.e-bons.fr/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 08:12:52 GMT
content-encoding
br
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
24939
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Apr 2024 07:48:54 GMT
server
AmazonS3
etag
W/"16f90190735632446fda9f3368891a3e"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public,max-age=31536000
x-amz-cf-id
Bjo8ugUqemXdLUhYPAdsHLgcqb7MYD45P8z358kngh3GZRRX6BsKcQ==
gtm.js
www.googletagmanager.com/ 		254 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TH5RQ73
Requested by
Host: lecashback-societegenerale.e-bons.fr
URL: https://lecashback-societegenerale.e-bons.fr/sg-connexion
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0fe9b6e81b5f385a7558c658f4fa1550af0d5ea08822c4b239566a2c17354d21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lecashback-societegenerale.e-bons.fr/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 14:54:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85073
x-xss-protection
0
last-modified
Sun, 07 Apr 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Apr 2024 14:54:48 GMT
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://lecashback-societegenerale.e-bons.fr
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 01:16:08 GMT
x-content-type-options
nosniff
age
481120
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39124
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:02:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Apr 2025 01:16:08 GMT
placeholder.svg
static.ma-carte-cadeau.com/media/catalog/product/placeholder/default/ 		685 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ma-carte-cadeau.com/media/catalog/product/placeholder/default/placeholder.svg
Requested by
Host: lecashback-societegenerale.e-bons.fr
URL: https://lecashback-societegenerale.e-bons.fr/sg-connexion
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-21.fra53.r.cloudfront.net
Software
/
Resource Hash
35363601d9fcc193555216ba60dc8cc2f13913057d8b2d7ee78f63bbf6f7b036
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lecashback-societegenerale.e-bons.fr/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 13:15:39 GMT
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
6255
x-cache
Hit from cloudfront
content-length
685
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 20 May 2021 16:43:46 GMT
etag
"60a691c2-2ad"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
public,max-age=31536000
accept-ranges
bytes
x-amz-cf-id
f0d7tPvWrcYJsxLcVjkp-6ByVPjhNSSSyh2DtL39Z6M-AnP3HTr6pw==
tac.min.js
static.ma-carte-cadeau.com/frontend/Mcc/default/fr_FR/js/ 		81 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ma-carte-cadeau.com/frontend/Mcc/default/fr_FR/js/tac.min.js?v=2.47.30
Requested by
Host: lecashback-societegenerale.e-bons.fr
URL: https://lecashback-societegenerale.e-bons.fr/sg-connexion
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-21.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c7ea75d91eb8616e77fb8574b64e6b1b5fc0bb713f607b6153c698ba9e84c81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lecashback-societegenerale.e-bons.fr/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 08:12:52 GMT
content-encoding
gzip
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
25126
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Apr 2024 07:49:01 GMT
server
AmazonS3
etag
W/"8952e5e70a0c5a872d7dcf82648b6cb4"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public,max-age=31536000
x-amz-cf-id
gpq_vPIEfhYoS8bN7qJACEgc15q643idVRa8LmD_J_vNBQjepc8uvw==
js-translation.json
static.ma-carte-cadeau.com/frontend/Mcc/default/fr_FR/ 		22 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.ma-carte-cadeau.com/frontend/Mcc/default/fr_FR/js-translation.json?v=1712304121
Requested by
Host: lecashback-societegenerale.e-bons.fr
URL: https://lecashback-societegenerale.e-bons.fr/sg-connexion
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-21.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66a49f8251316c2f6c1d9bb205c15b817d034cdf7b445ea2ba663ada07b6e4f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lecashback-societegenerale.e-bons.fr/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 08:15:34 GMT
content-encoding
br
via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
36095
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Apr 2024 07:49:00 GMT
server
AmazonS3
etag
W/"cd1be5b9044aba980bd1c451d93b92db"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public,max-age=31536000
x-amz-cf-id
Lq7IklyyWbtrWz2QhLehODjJgCjWYoZXyZk2Eg6hkxgY1tL6J6bwDQ==
societe_generale_second.min.css
static.ma-carte-cadeau.com/frontend/Mcc/default/fr_FR/css/ 		526 KB
86 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.ma-carte-cadeau.com/frontend/Mcc/default/fr_FR/css/societe_generale_second.min.css?v=2.47.30
Requested by
Host: lecashback-societegenerale.e-bons.fr
URL: https://lecashback-societegenerale.e-bons.fr/sg-connexion
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-21.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ca3add5a96736c1f7aba75ea939f58c375a4836faa071059c7a0e9faf61e2eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lecashback-societegenerale.e-bons.fr/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 12:42:35 GMT
content-encoding
br
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
24927
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 05 Apr 2024 07:48:57 GMT
server
AmazonS3
etag
W/"7874dee1b1ca3c5833e316e7d1dc9075"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public,max-age=31536000
x-amz-cf-id
zMrnrz5ovCU7caGb10rnxx_IeUQBh9OkWjJgy4AvnBGNZq7_bCrPdQ==
nr-rum-1.255.0.min.js
js-agent.newrelic.com/ 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-rum-1.255.0.min.js
Requested by
Host: lecashback-societegenerale.e-bons.fr
URL: https://lecashback-societegenerale.e-bons.fr/sg-connexion
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfd81339c0e5d507cb8bb10ce63f26765ce1019178560eb0c713bae8995e78a3
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lecashback-societegenerale.e-bons.fr/
Origin
https://lecashback-societegenerale.e-bons.fr
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
SVk8HmqMO5mxlo_zOYJO5HBjeXvMuiuP
content-encoding
br
via
1.1 varnish
date
Sun, 07 Apr 2024 14:54:48 GMT
strict-transport-security
max-age=300
x-amz-request-id
JH3CHWCXY9TE5E2T
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
17484
x-amz-id-2
FlI8zJPHxeIv5J0UOXr38sSuO1HZTOeEeOD+bPUr6iQ47QIQYtw+jV2Emnb8CTqUqvYnfEeZW2s=
x-served-by
cache-lcy-eglc8600059-LCY
last-modified
Thu, 04 Apr 2024 14:39:28 GMT
server
AmazonS3
etag
"9c3be5f2438bf9b06574488a88edac62"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
33657
truncated
/ 		820 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
979a75555fdcb31a4e622321e34c806193ec7e3ab1ea8502acc551d4f6eb19b3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		355 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97002bcf7b98272a8ec5432adc81973551150da856129a2d3ef94252fbde09c8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		573 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f819afb5831b232c1ac3c69dbe67d693d6bc501900d5f55cc9110c9fbe1ebc7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		968 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee81d10c2a596bcfef26e67eadec96f6bcd276e85540d99c0555fef943da7319

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30823de8a6063344072b811b44909f93561c191043abc366a6de8d2a7306fcb9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
689a1758e0b6d7b5b96c83e157ccf2a25a5b81d61466d865842bd0f2a4416e12

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
mcc-favicon-color.png
static.ma-carte-cadeau.com/media/favicon/default/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.ma-carte-cadeau.com/media/favicon/default/mcc-favicon-color.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-21.fra53.r.cloudfront.net
Software
/
Resource Hash
7654be4377148ce5b119ce621cc52cc0c8247d081f8d3ee83d5d9820ca72c53c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lecashback-societegenerale.e-bons.fr/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 12:24:08 GMT
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
11760
x-cache
Hit from cloudfront
content-length
1700
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 20 May 2021 16:45:05 GMT
etag
"60a69211-6a4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
image/png
cache-control
public,max-age=31536000
accept-ranges
bytes
x-amz-cf-id
qO4Cud9Aab21Ll1KZ7JJrn03S5XI8J3H-zOulU6vYAwiqsdiYDHbuQ==
mcc-favicon-color.png
static.ma-carte-cadeau.com/media/favicon/default/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.ma-carte-cadeau.com/media/favicon/default/mcc-favicon-color.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-21.fra53.r.cloudfront.net
Software
/
Resource Hash
7654be4377148ce5b119ce621cc52cc0c8247d081f8d3ee83d5d9820ca72c53c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lecashback-societegenerale.e-bons.fr/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 12:24:08 GMT
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
11760
x-cache
Hit from cloudfront
content-length
1700
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 20 May 2021 16:45:05 GMT
etag
"60a69211-6a4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
image/png
cache-control
public,max-age=31536000
accept-ranges
bytes
x-amz-cf-id
9naVZ-UXG7rMqZuAg17fA3m4W2PaH-HbiKWTFEiz1C9ZrjT77kqasg==
plane.svg
static.ma-carte-cadeau.com/media/homepage/footer/default/ 		349 B
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ma-carte-cadeau.com/media/homepage/footer/default/plane.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-21.fra53.r.cloudfront.net
Software
/
Resource Hash
10e3bf2c6c28baf1bfa56a26d2839a0d5e292ee2f3463f1181822152ba3b5cc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lecashback-societegenerale.e-bons.fr/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 12:03:25 GMT
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
11726
x-cache
Hit from cloudfront
content-length
349
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 20 May 2021 16:45:05 GMT
etag
"60a69211-15d"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
public,max-age=31536000
accept-ranges
bytes
x-amz-cf-id
dg7tM8PpHjrYSEf4viomZbp5WiMHsDSxD35w-RBpBOUFGwJviWyWpQ==
pig.svg
static.ma-carte-cadeau.com/media/homepage/footer/default/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ma-carte-cadeau.com/media/homepage/footer/default/pig.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-21.fra53.r.cloudfront.net
Software
/
Resource Hash
0fc1c83efe4c114b9bedfd79c5341ab181d266fac7dca7cf995d78571a6cf05e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lecashback-societegenerale.e-bons.fr/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 16:35:04 GMT
content-encoding
gzip
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
84340
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 20 May 2021 16:45:05 GMT
etag
W/"60a69211-e49"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
public,max-age=31536000
x-amz-cf-id
eha6xDpDNGXBcAuY_q-tteHxU5fe58o39qU2Y4IMXnp6evsfY2PIKg==
astronaute.svg
static.ma-carte-cadeau.com/media/homepage/footer/default/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ma-carte-cadeau.com/media/homepage/footer/default/astronaute.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-21.fra53.r.cloudfront.net
Software
/
Resource Hash
87a062561ed40e4976c7999e6e4b46fe2903a43c781c792da81f2ded09ca70de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lecashback-societegenerale.e-bons.fr/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 07:18:46 GMT
content-encoding
br
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
28082
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 20 May 2021 16:45:05 GMT
etag
W/"60a69211-8d7"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
public,max-age=31536000
x-amz-cf-id
oyWxQcCHy-QEyP5doP06Nh8_WexG_EkhxXhZKsl0_L6caUs3FmKohQ==
footer-icon.svg
static.ma-carte-cadeau.com/media/homepage/footer/websites/23/ 		13 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ma-carte-cadeau.com/media/homepage/footer/websites/23/footer-icon.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-21.fra53.r.cloudfront.net
Software
/
Resource Hash
e9c355b029afe88ab79a509220aaae3af8265d1aab551a294a9ab1e43ed0343b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lecashback-societegenerale.e-bons.fr/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 04:49:53 GMT
content-encoding
br
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
36295
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 19 Jul 2022 16:39:24 GMT
etag
W/"62d6de3c-33b2"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
public,max-age=31536000
x-amz-cf-id
6xt9oN_h3J02AgXrASIMby_MgZs1_ve_Eo43wRjwZuLM4WtsuFKgjA==
paiement.svg
static.ma-carte-cadeau.com/media/homepage/footer/default/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ma-carte-cadeau.com/media/homepage/footer/default/paiement.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-21.fra53.r.cloudfront.net
Software
/
Resource Hash
b2ec96d442048e3ef4e02de913d4ebf5ec986c4d645ef5e9da6a294c182f36ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lecashback-societegenerale.e-bons.fr/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Apr 2024 14:37:02 GMT
content-encoding
gzip
via
1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA53-C1
age
4787
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 20 May 2021 16:45:05 GMT
etag
W/"60a69211-1868"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
image/svg+xml
cache-control
public,max-age=31536000
x-amz-cf-id
wrZM-CqLOqyrW0w_SN6uXu2fx1A97LMSHzNtWXpuLPesAjlor7uBkg==
701d1c5b17
bam.nr-data.net/1/ 		148 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/701d1c5b17?a=1262903100&v=1.255.0&to=ZVVUYRFSX0cDABYIV1wfd1YXWl5aTRMDBl1tU1dWC1Y%3D&rst=963&ck=0&s=f6167f41410a0cb9&ref=https://lecashback-societegenerale.e-bons.fr/sg-connexion&hr=0&ap=65&be=435&fe=455&dc=375&at=SRJXF1lITEk%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1712501687997,%22n%22:0,%22r%22:0,%22re%22:334,%22f%22:334,%22dn%22:334,%22dne%22:334,%22c%22:334,%22s%22:334,%22ce%22:334,%22rq%22:335,%22rp%22:435,%22rpe%22:437,%22di%22:810,%22ds%22:810,%22de%22:810,%22dc%22:879,%22l%22:880,%22le%22:890%7D,%22navigation%22:%7B%22rc%22:2%7D%7D&fp=759&fcp=759
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum-1.255.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bc936523fe901fedc80c520d374cfa8e7c621f9d41243a404a17e9d560fa0895

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://lecashback-societegenerale.e-bons.fr/
accept-language
fr-FR,fr;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 07 Apr 2024 14:54:49 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://lecashback-societegenerale.e-bons.fr
access-control-expose-headers
Date
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
close
timing-allow-origin
https://lecashback-societegenerale.e-bons.fr
Content-Length
148
x-served-by
cache-lcy-eglc8600061-LCY

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NREUM object| webpackChunk:NRBA-1.255.0.PROD object| newrelic string| LOCALE string| BASE_URL function| require function| requirejs function| define object| storageShim object| cookiesConfig object| store_values undefined| lazyloadImages object| s boolean| r object| t object| checkout function| gtag object| dataLayer object| google_tag_manager object| google_tag_data undefined| $ function| jQuery object| Cookies object| cookieStorage function| mediaCheck object| scripts string| path string| tarteaucitronForceCDN string| cdn number| alreadyLaunch string| tarteaucitronForceLanguage string| tarteaucitronForceExpire string| tarteaucitronCustomText boolean| tarteaucitronExpireInDay number| timeExpire undefined| tarteaucitronProLoadServices boolean| tarteaucitronNoAdBlocker object| tarteaucitron function| tinycolor function| _ function| tac_gtag function| MmenuLight

12 Cookies

Domain/Path Name / Value
.lecashback-societegenerale.e-bons.fr/ Name: PHPSESSID
Value: j0dc1upaacpcmqimeng71av2f8
lecashback-societegenerale.e-bons.fr/ Name: tarteaucitron
Value: !gtag=wait!zendeskChat=wait
lecashback-societegenerale.e-bons.fr/ Name: form_key
Value: Ytx2zC1FfcvOm1o3
lecashback-societegenerale.e-bons.fr/ Name: mage-cache-storage
Value: {}
lecashback-societegenerale.e-bons.fr/ Name: mage-cache-storage-section-invalidation
Value: {}
lecashback-societegenerale.e-bons.fr/ Name: mage-cache-sessid
Value: true
lecashback-societegenerale.e-bons.fr/ Name: mage-messages
Value:
lecashback-societegenerale.e-bons.fr/ Name: recently_viewed_product
Value: {}
lecashback-societegenerale.e-bons.fr/ Name: recently_viewed_product_previous
Value: {}
lecashback-societegenerale.e-bons.fr/ Name: recently_compared_product
Value: {}
lecashback-societegenerale.e-bons.fr/ Name: recently_compared_product_previous
Value: {}
lecashback-societegenerale.e-bons.fr/ Name: product_data_storage
Value: {}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
lecashback-societegenerale.e-bons.fr
static.ma-carte-cadeau.com
www.googletagmanager.com
143.204.215.21
162.247.243.29
2602:816:5001::39
2a00:1450:4001:800::2003
2a00:1450:4001:810::200a
2a00:1450:4001:81d::2008
52.30.54.175
0fc1c83efe4c114b9bedfd79c5341ab181d266fac7dca7cf995d78571a6cf05e
0fe9b6e81b5f385a7558c658f4fa1550af0d5ea08822c4b239566a2c17354d21
10e3bf2c6c28baf1bfa56a26d2839a0d5e292ee2f3463f1181822152ba3b5cc1
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
28efb8da1fcbb491affca535980c7669ccdaabeffe8751f06a1d981322e1973e
2c7ea75d91eb8616e77fb8574b64e6b1b5fc0bb713f607b6153c698ba9e84c81
30823de8a6063344072b811b44909f93561c191043abc366a6de8d2a7306fcb9
35363601d9fcc193555216ba60dc8cc2f13913057d8b2d7ee78f63bbf6f7b036
519d92bd4f608a55c1fd141858dacbf6b3917e955d142164a60ad5da7f639279
66a49f8251316c2f6c1d9bb205c15b817d034cdf7b445ea2ba663ada07b6e4f4
689a1758e0b6d7b5b96c83e157ccf2a25a5b81d61466d865842bd0f2a4416e12
7654be4377148ce5b119ce621cc52cc0c8247d081f8d3ee83d5d9820ca72c53c
788209a206794181983516343487bd3c8864f2d97e6b15456196680fc0847ecf
7f819afb5831b232c1ac3c69dbe67d693d6bc501900d5f55cc9110c9fbe1ebc7
87a062561ed40e4976c7999e6e4b46fe2903a43c781c792da81f2ded09ca70de
9685cb71997926787800eb8cc0b13873e0f39eb2a5e00a4005054480000dc27f
97002bcf7b98272a8ec5432adc81973551150da856129a2d3ef94252fbde09c8
979a75555fdcb31a4e622321e34c806193ec7e3ab1ea8502acc551d4f6eb19b3
98d3e43a3d98cf37d9599af8693a990d5676cb91918ef49ab9b23e4347d614e8
9ca3add5a96736c1f7aba75ea939f58c375a4836faa071059c7a0e9faf61e2eb
9f04e2a626004cdfa66c1fa31076f21bb04bb66206f8770f99dd3416b2055fc6
a811f61ae8cf5cd8fb7da2cd2aa63bc9c79115630effea07fb1ba7e5829d3ff4
b0b3a1833b1fcd9dd58d65cb2db20cddeade74343a83cce55cf086b871dedce9
b2ec96d442048e3ef4e02de913d4ebf5ec986c4d645ef5e9da6a294c182f36ac
b6ca056c35d7b290bd4a6f7df724b475da50a7a7a3d52e50a3bf92903b9335b4
bc936523fe901fedc80c520d374cfa8e7c621f9d41243a404a17e9d560fa0895
bfd81339c0e5d507cb8bb10ce63f26765ce1019178560eb0c713bae8995e78a3
d625d9077a1b6b636320b591a67fc0e91b8a4c31f7cc66e85e408c1dc435579c
d8e0f790200d092b35e00a7da625a2ec6d3b14c7389631a20cd3c428aba48363
dbc993c0ca90c7beecabc98795fe3664c8c5f4e77fbcea295580367fac44c58a
e5f0cc14ea3f6828ccae339fcb67d02dc6ffc4b40d5682bcd10815a6d9dead0b
e9c355b029afe88ab79a509220aaae3af8265d1aab551a294a9ab1e43ed0343b
ee81d10c2a596bcfef26e67eadec96f6bcd276e85540d99c0555fef943da7319