urlscan.io logo urlscan.io
SecurityTrails logo

billetterie.cesson-handball.com Open in urlscan Pro
158.178.199.126  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://billetterie.cesson-handball.com/
Effective URL: https://billetterie.cesson-handball.com/content
Submission: On May 30 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main IP is 158.178.199.126, located in Paris, France and belongs to ORACLE-BMC-31898, US. The main domain is billetterie.cesson-handball.com.
TLS certificate: Issued by R3 on May 12th 2024. Valid for: 3 months.
This is the only time billetterie.cesson-handball.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 158.178.199.126 31898 (ORACLE-BM...)
6 18.245.46.60 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 16.12.19.1 16509 (AMAZON-02)
15 4
Domain Requested by
8 billetterie.cesson-handball.com 1 redirects stx-gravity-p12-widgets.quantum.secutix.com
6 stx-gravity-p12-widgets.quantum.secutix.com billetterie.cesson-handball.com
stx-gravity-p12-widgets.quantum.secutix.com
1 s3.eu-west-3.amazonaws.com
1 www.googletagmanager.com billetterie.cesson-handball.com
15 4

This site contains links to these domains. Also see Links.

Domain
www.secutix.com
www.cesson-handball.com
Subject Issuer Validity Valid
billetterie.cesson-handball.com
R3		 2024-05-12 -
2024-08-10		 3 months crt.sh
stx-gravity-p12-widgets.quantum.secutix.com
Amazon RSA 2048 M03		 2024-05-03 -
2025-06-01		 a year crt.sh
*.google-analytics.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
*.s3.eu-west-3.amazonaws.com
Amazon RSA 2048 M01		 2024-05-18 -
2025-04-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://billetterie.cesson-handball.com/content
Frame ID: 7FAB7090CB39EBF16C0516D4A0491719
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cesson Rennes Métropole HB - Ventes de billets en ligne

Page URL History Show full URLs

  1. http://billetterie.cesson-handball.com/ HTTP 307
    https://billetterie.cesson-handball.com/ HTTP 302
    https://billetterie.cesson-handball.com/content Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Cart
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Page Statistics

15
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1410 kB
Transfer

4859 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://billetterie.cesson-handball.com/ HTTP 307
    https://billetterie.cesson-handball.com/ HTTP 302
    https://billetterie.cesson-handball.com/content Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request content
billetterie.cesson-handball.com/
Redirect Chain
  • http://billetterie.cesson-handball.com/
  • https://billetterie.cesson-handball.com/
  • https://billetterie.cesson-handball.com/content
19 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://billetterie.cesson-handball.com/content
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
158.178.199.126 Paris, France, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
d197a614810bbf6de2e98729dd0b7efcf80a3c124b9e4da9b4f54e477599af41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
0
cache-control
no-store, no-cache
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Thu, 30 May 2024 13:46:05 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via
1.1 varnish (Varnish/6.5)
x-amzn-trace-id
Root=1-00000000-000000000000000000000000;
x-content-type-options
nosniff
x-frame-options
DENY
x-time
0.058
x-varnish
27289310
x-xss-protection
1; mode=block

Redirect headers

age
0
cache-control
no-store, no-cache
content-language
fr-FR
content-length
0
date
Thu, 30 May 2024 13:46:05 GMT
expires
Fri, 01 Jan 2010 12:00:00 GMT
location
https://billetterie.cesson-handball.com/content
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000 ; includeSubDomains
via
1.1 varnish (Varnish/6.5)
x-auth-token
b738a2a4-f002-4917-8228-64ca232afb5d
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-time
0.017
x-varnish
27652484
x-xss-protection
1; mode=block
Widgets.js
stx-gravity-p12-widgets.quantum.secutix.com/stx-widgets/v2/ 		258 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stx-gravity-p12-widgets.quantum.secutix.com/stx-widgets/v2/Widgets.js
Requested by
Host: billetterie.cesson-handball.com
URL: https://billetterie.cesson-handball.com/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-60.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
699bb8cc3bd2c7ac14fd54c98f01df4207022d50a6cf23a545f1ee0f3bcd8320

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://billetterie.cesson-handball.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 13:27:46 GMT
content-encoding
gzip
via
1.1 e3824a4cc698f190d3fa6fe687f1a600.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Mon, 25 Nov 2024 00:00:00 GMT", rule-id="delete_version_more_than_180_days"
last-modified
Tue, 28 May 2024 02:38:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P9
age
1100
x-amz-server-side-encryption
AES256
etag
W/"72cf40e5d435825f3aed01dc625577c4"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400, public
x-amz-cf-id
3jvlZWTX2bLiiXmxI6kbH3tqBb6TQFUzepd_t84px7lGxK4lp6KGhA==
gtm.js
www.googletagmanager.com/ 		180 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5SC3HKX
Requested by
Host: billetterie.cesson-handball.com
URL: https://billetterie.cesson-handball.com/content
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f2dfb728c3d1afb9d29b563eedfc884c1ea4a6c2a1852577b4ec58f820cbd9a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://billetterie.cesson-handball.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 13:46:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65936
x-xss-protection
0
last-modified
Thu, 30 May 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 May 2024 13:46:05 GMT
manifest.json
stx-gravity-p12-widgets.quantum.secutix.com/stx-widgets/v2/ 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stx-gravity-p12-widgets.quantum.secutix.com/stx-widgets/v2/manifest.json?ts=1717076765736
Requested by
Host: stx-gravity-p12-widgets.quantum.secutix.com
URL: https://stx-gravity-p12-widgets.quantum.secutix.com/stx-widgets/v2/Widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-60.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58273581a42114165876b55a36ebac397c0993e6b895bcabf27af51d084bd338

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://billetterie.cesson-handball.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 13:46:06 GMT
via
1.1 6373f5d706cb8d973f3ced2fc572f6a8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P9
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
6071
x-amz-expiration
expiry-date="Mon, 25 Nov 2024 00:00:00 GMT", rule-id="delete_version_more_than_180_days"
last-modified
Tue, 28 May 2024 02:38:07 GMT
server
AmazonS3
etag
"d29dd71ad66462813320132170cd612f"
access-control-max-age
0
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
SRvrs6Xj7Zyz-G1OfEC3z5wEW9fdoUFIJS0P0iv9_sjK9z-vR6s-NA==
favicon.ico
billetterie.cesson-handball.com/light_custom/lightTheme/ 		233 KB
233 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://billetterie.cesson-handball.com/light_custom/lightTheme/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
158.178.199.126 Paris, France, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
f143503e7b141aa623fe20c7af65c6429ff49b2620b24f326fe69ff31848a223
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://billetterie.cesson-handball.com/content
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 13:43:50 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
via
1.1 varnish (Varnish/6.5)
age
135
x-auth-token
f443ccdc-b9d3-4b73-8783-684e5065ae69
content-length
238142
x-xss-protection
1; mode=block
pragma
Public
last-modified
Wed, 29 May 2024 03:12:11 GMT
server
nginx
x-amzn-trace-id
Root=1-00000000-000000000000000000000000;
x-frame-options
DENY
content-type
image/vnd.microsoft.icon;charset=UTF-8
x-varnish
27289312 29017618
cache-control
public, max-age=900
accept-ranges
bytes
x-time
0.017
expires
Thu, 30 May 2024 13:58:50 GMT
vendor.955b295d11d8c1ad2ffc.js
stx-gravity-p12-widgets.quantum.secutix.com/stx-widgets/v2/ 		193 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stx-gravity-p12-widgets.quantum.secutix.com/stx-widgets/v2/vendor.955b295d11d8c1ad2ffc.js
Requested by
Host: stx-gravity-p12-widgets.quantum.secutix.com
URL: https://stx-gravity-p12-widgets.quantum.secutix.com/stx-widgets/v2/Widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-60.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
534d6847ec7ff208c1d202c4476c006897195b81fa94d2dd817bed547cbb72b2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://billetterie.cesson-handball.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 13:27:47 GMT
content-encoding
gzip
via
1.1 e3824a4cc698f190d3fa6fe687f1a600.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Mon, 25 Nov 2024 00:00:00 GMT", rule-id="delete_version_more_than_180_days"
last-modified
Tue, 28 May 2024 02:38:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P9
age
1099
x-amz-server-side-encryption
AES256
etag
W/"e4b43d287b567e293ebdea816f61b146"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400, public
x-amz-cf-id
qphEC2ZauB7d7q4UjKoI39X6MhAFm_2EXy5X_CCfoTRIviNnT91efQ==
TicketShop.9baacc6dbe9042ee3ef9.js
stx-gravity-p12-widgets.quantum.secutix.com/stx-widgets/v2/ 		4 MB
908 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stx-gravity-p12-widgets.quantum.secutix.com/stx-widgets/v2/TicketShop.9baacc6dbe9042ee3ef9.js
Requested by
Host: stx-gravity-p12-widgets.quantum.secutix.com
URL: https://stx-gravity-p12-widgets.quantum.secutix.com/stx-widgets/v2/Widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-60.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
553691c581d205900adb8a7f7aa0628458173cacfe3b2c16812f2ecac23b4113

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://billetterie.cesson-handball.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 13:17:19 GMT
content-encoding
gzip
via
1.1 e3824a4cc698f190d3fa6fe687f1a600.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Mon, 25 Nov 2024 00:00:00 GMT", rule-id="delete_version_more_than_180_days"
last-modified
Tue, 28 May 2024 02:38:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P9
age
1727
x-amz-server-side-encryption
AES256
etag
W/"4a8203dc4430877bad8521b29fd28fb1"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400, public
x-amz-cf-id
9ukAGSfI7fg027qxvHfB-5fXuOBcteo5J2LIDPidmzNvXMyeDuTQpw==
csrf
billetterie.cesson-handball.com/tnwr/v1/ 		96 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://billetterie.cesson-handball.com/tnwr/v1/csrf
Requested by
Host: stx-gravity-p12-widgets.quantum.secutix.com
URL: https://stx-gravity-p12-widgets.quantum.secutix.com/stx-widgets/v2/Widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
158.178.199.126 Paris, France, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
251c2a6e62aac9fc33dd787d38b4e7c29bb74db58ff74a2731bd862001980cf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-CSRF-Token
c5a4ead9-725b-499b-b2b1-59bf264a4715
Accept-Language
fr
X-Secutix-Host
billetterie.cesson-handball.com
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://billetterie.cesson-handball.com/content
X-API-Key
false
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 13:46:06 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
age
0
via
1.1 varnish (Varnish/6.5)
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/json;charset=UTF-8
x-varnish
27289317
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
x-time
0.011
expires
0
catalog
billetterie.cesson-handball.com/tnwr/v1/ 		10 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://billetterie.cesson-handball.com/tnwr/v1/catalog?maxPerformances=50&maxTimeslots=50&maxPerformanceDays=3&maxTimeslotDays=3&includeMetadata=true
Requested by
Host: stx-gravity-p12-widgets.quantum.secutix.com
URL: https://stx-gravity-p12-widgets.quantum.secutix.com/stx-widgets/v2/TicketShop.9baacc6dbe9042ee3ef9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
158.178.199.126 Paris, France, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
2259a9ab774b4bd63bd1e96a2d8e2e198a1b0032068d23aed407cb7cfe5f7fb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-CSRF-Token
c5a4ead9-725b-499b-b2b1-59bf264a4715
Accept-Language
fr
X-Secutix-Host
billetterie.cesson-handball.com
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://billetterie.cesson-handball.com/content
X-API-Key
false
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 13:46:06 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
age
0
via
1.1 varnish (Varnish/6.5)
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/json;charset=UTF-8
x-varnish
28859466
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
x-time
0.013
expires
0
resale-configuration
billetterie.cesson-handball.com/tnwr/v1/catalog/ 		125 B
578 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://billetterie.cesson-handball.com/tnwr/v1/catalog/resale-configuration
Requested by
Host: stx-gravity-p12-widgets.quantum.secutix.com
URL: https://stx-gravity-p12-widgets.quantum.secutix.com/stx-widgets/v2/TicketShop.9baacc6dbe9042ee3ef9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
158.178.199.126 Paris, France, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
5f16216ca8976169749c152377989231185c22a2a88381d69c72b201cc48ece4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-CSRF-Token
c5a4ead9-725b-499b-b2b1-59bf264a4715
Accept-Language
fr
X-Secutix-Host
billetterie.cesson-handball.com
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://billetterie.cesson-handball.com/content
X-API-Key
false
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 13:46:06 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
age
0
via
1.1 varnish (Varnish/6.5)
content-length
118
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/json;charset=UTF-8
x-varnish
27289319
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
x-time
0.003
expires
0
cesson-rennes__logo__2018-2019_WEB.png
billetterie.cesson-handball.com/light_custom/lightTheme/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billetterie.cesson-handball.com/light_custom/lightTheme/cesson-rennes__logo__2018-2019_WEB.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
158.178.199.126 Paris, France, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
0017bef52ed7c96196a78b4bd2958d681413f9a93367e6fce08e95a0eb6bfbf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://billetterie.cesson-handball.com/content
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 13:43:54 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
via
1.1 varnish (Varnish/6.5)
age
132
x-auth-token
41905b9b-54af-4ad0-a509-7022fb99f966
content-length
4304
x-xss-protection
1; mode=block
pragma
Public
last-modified
Wed, 29 May 2024 03:12:10 GMT
server
nginx
x-amzn-trace-id
Root=1-00000000-000000000000000000000000;
x-frame-options
DENY
content-type
image/png;charset=UTF-8
x-varnish
27652487 25550866
cache-control
public, max-age=900
accept-ranges
bytes
x-time
0.017
expires
Thu, 30 May 2024 13:58:54 GMT
logo_web_50x50.png
billetterie.cesson-handball.com/light_custom/lightTheme/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billetterie.cesson-handball.com/light_custom/lightTheme/logo_web_50x50.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
158.178.199.126 Paris, France, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
f299c3f4892090293232addc60b2e286bd79fbe9fd5c5bdb29a704b873d3574c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://billetterie.cesson-handball.com/content
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 13:43:54 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
via
1.1 varnish (Varnish/6.5)
age
132
x-auth-token
ca695c51-3250-43aa-9351-14e14ef19ff1
content-length
1836
x-xss-protection
1; mode=block
pragma
Public
last-modified
Wed, 29 May 2024 03:12:11 GMT
server
nginx
x-amzn-trace-id
Root=1-00000000-000000000000000000000000;
x-frame-options
DENY
content-type
image/png;charset=UTF-8
x-varnish
25714368 25424589
cache-control
public, max-age=900
accept-ranges
bytes
x-time
0.017
expires
Thu, 30 May 2024 13:58:54 GMT
widgetInfo
stx-gravity-p12-widgets.quantum.secutix.com/api/v1/monitoring/ 		28 B
680 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stx-gravity-p12-widgets.quantum.secutix.com/api/v1/monitoring/widgetInfo
Requested by
Host: stx-gravity-p12-widgets.quantum.secutix.com
URL: https://stx-gravity-p12-widgets.quantum.secutix.com/stx-widgets/v2/Widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-60.fra56.r.cloudfront.net
Software
/
Resource Hash
b8f9c5a71ba0720bdb377e7fa58a6777301e470cf6502f5f1d2cfc1c597a33fc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-Stx-Authn
123456
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://billetterie.cesson-handball.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 13:46:06 GMT
via
1.1 24df21f8156a0df29febdf6c3e09e32c.cloudfront.net (CloudFront), 1.1 6373f5d706cb8d973f3ced2fc572f6a8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P12, FRA56-P9
x-amzn-requestid
5c53ee0e-4fe6-4952-8924-188323988926
x-amzn-trace-id
Root=1-6658831e-426cbf0700dd6f5874ae5028;Parent=156393b860b3d336;Sampled=0;lineage=a4332574:0
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=86400, public
access-control-allow-credentials
true
x-amz-apigw-id
Ylls2HIcFiAESNg=
content-length
28
x-amz-cf-id
NHtbO4D6a9uVAhrPjpTQcxXePnb8cyHqRaIalAR84RNziVqhRAFLvQ==
access-control-allow-headers
Cache-Control,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Stx-Authn
widgetInfo
stx-gravity-p12-widgets.quantum.secutix.com/api/v1/monitoring/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://stx-gravity-p12-widgets.quantum.secutix.com/api/v1/monitoring/widgetInfo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-60.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-stx-authn
Access-Control-Request-Method
POST
Origin
https://billetterie.cesson-handball.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Cache-Control,Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Stx-Authn
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
age
8
cache-control
max-age=86400, public
content-length
0
content-type
application/json
date
Thu, 30 May 2024 13:45:58 GMT
via
1.1 8c1c3a8ed856f5c19ce3b4158bff94a8.cloudfront.net (CloudFront), 1.1 6373f5d706cb8d973f3ced2fc572f6a8.cloudfront.net (CloudFront)
x-amz-apigw-id
YllrlHgzliAEDqA=
x-amz-cf-id
jTId1_YpD6jXQcwPoeeaveyjFjiBIA9bDFisOIVNf0UnuHdtaO-NoA==
x-amz-cf-pop
FRA56-P12 FRA56-P9
x-amzn-requestid
81f27856-6a47-45ef-b350-f0a5eed08bb0
x-cache
Hit from cloudfront
d9515036-3448-40df-ba62-2799a4e5578a.jpg
s3.eu-west-3.amazonaws.com/pub.crmhb.p34-s3.secutix.com/images/catalog/performance/large/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.eu-west-3.amazonaws.com/pub.crmhb.p34-s3.secutix.com/images/catalog/performance/large/d9515036-3448-40df-ba62-2799a4e5578a.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
16.12.19.1 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.eu-west-3.amazonaws.com
Software
AmazonS3 /
Resource Hash
643525e1d3304e25db588b1a9dec720bf866e0342b54ab7546ed575271d51dfb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://billetterie.cesson-handball.com/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 30 May 2024 13:46:07 GMT
x-amz-version-id
UbI9XRVc0H6qon4h7iEllVo0jI1EQULE
Last-Modified
Thu, 25 Apr 2024 09:58:25 GMT
Server
AmazonS3
x-amz-request-id
Q4ZCS8JKN98DJKNR
ETag
"e392c571b5c6b1b43f3164aed2a4c0c2"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Cache-Control
max-age=600
Accept-Ranges
bytes
Content-Length
39169
x-amz-id-2
kM2by0Dq+ifmGU1y9TWjp5ykw21Me0xYnOB5WHKaYc0ds+BjrOFVQxDsAlNM203d9PWTeP/QotE=

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| secutix object| STX object| __core-js_shared__ object| regeneratorRuntime object| core function| setImmediate function| clearImmediate boolean| _babelPolyfill object| __coverage__ object| profile object| google_tag_manager object| google_tag_data object| webpackChunkSTX function| _ object| SecuTixAPI object| __consolidated_events_handlers__

3 Cookies

Domain/Path Name / Value
.cesson-handball.com/ Name: AcpAT-v3-q-CRMHB
Value: IA-p34pkpbox1a-ae2ea7c06b5f666593e24138deb3240995655dc503685ba9af53b483a1c01ddf283833cb05c5cddb48b34f66b107d997dbf44d91fb1e49daffefe4b4e8a6eef3
billetterie.cesson-handball.com/ Name: STX_SESSION
Value: YjczOGEyYTQtZjAwMi00OTE3LTgyMjgtNjRjYTIzMmFmYjVk
billetterie.cesson-handball.com/ Name: SERVERID-BE-INTERNET1-9050
Value: 21c05a293f4ea629d57d6feef54dd47b

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block