jeu-appli.carrefour.fr
Open in
urlscan Pro
54.38.226.6
Public Scan
Submitted URL: https://jeu-appli.carrefour.fr/
Effective URL: https://jeu-appli.carrefour.fr/NoAccount
Submission Tags: @phishunt_io
Submission: On October 26 via api from DE — Scanned from FR
Effective URL: https://jeu-appli.carrefour.fr/NoAccount
Submission Tags: @phishunt_io
Submission: On October 26 via api from DE — Scanned from FR
Summary
This website contacted 7 IPs
in 3 countries
across 6 domains to perform 23 HTTP transactions.
The main IP is 54.38.226.6, located in
France and
belongs to OVH, FR.
The main domain is jeu-appli.carrefour.fr.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on October 25th 2023. Valid for: a year.
This is the only time jeu-appli.carrefour.fr was scanned on urlscan.io!
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on October 25th 2023. Valid for: a year.
This is the only time jeu-appli.carrefour.fr was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 13 | 54.38.226.6 54.38.226.6 | 16276 (OVH) (OVH) | |
| 1 | 2606:4700::68... 2606:4700::6810:5914 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 3 | 151.101.130.132 151.101.130.132 | 54113 (FASTLY) (FASTLY) | |
| 6 | 2606:4700::68... 2606:4700::6812:82ec | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:827::2008 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2606:4700:440... 2606:4700:4400::6812:2089 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 23 | 7 |
1
2a00:1450:4001:827::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 13 |
carrefour.fr
2 redirects
jeu-appli.carrefour.fr |
774 KB |
| 6 |
cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 385 |
130 KB |
| 3 |
tagcommander.com
cdn.tagcommander.com — Cisco Umbrella Rank: 15176 |
45 KB |
| 1 |
onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 655 |
304 B |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56 |
66 KB |
| 1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373 |
9 KB |
| 23 | 6 |
| Domain | Requested by | |
|---|---|---|
| 13 | jeu-appli.carrefour.fr |
2 redirects
jeu-appli.carrefour.fr
|
| 6 | cdn.cookielaw.org |
cdn.tagcommander.com
cdn.cookielaw.org |
| 3 | cdn.tagcommander.com |
jeu-appli.carrefour.fr
|
| 1 | geolocation.onetrust.com |
cdn.cookielaw.org
|
| 1 | www.googletagmanager.com |
cdn.tagcommander.com
|
| 1 | cdn.jsdelivr.net |
jeu-appli.carrefour.fr
|
| 23 | 6 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.carrefour.fr |
| moncompte.carrefour.fr |
| cookiepedia.co.uk |
| onetrust.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| jeu-appli.carrefour.fr GlobalSign RSA OV SSL CA 2018 |
2023-10-25 - 2024-11-25 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-02 - 2024-05-01 |
a year | crt.sh |
| *.tagcommander.com Thawte RSA CA 2018 |
2023-02-09 - 2024-03-11 |
a year | crt.sh |
| cookielaw.org Cloudflare Inc ECC CA-3 |
2023-04-01 - 2024-03-31 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-10-09 - 2024-01-01 |
3 months | crt.sh |
| onetrust.com Cloudflare Inc ECC CA-3 |
2022-12-13 - 2023-12-13 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://jeu-appli.carrefour.fr/NoAccount
Frame ID: BA4E68764EF898AFAF737CBB9BC9EF4E
Requests: 24 HTTP requests in this frame
Screenshot
Page Title
Le grand jeu de l'appli Back ButtonSearch IconFilter IconPage URL History Show full URLs
-
https://jeu-appli.carrefour.fr/
HTTP 302
https://jeu-appli.carrefour.fr/NoAccount.aspx HTTP 301
https://jeu-appli.carrefour.fr/NoAccount Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
OneTrust
(Cookie compliance)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- cdn\.cookielaw\.org
- otSDKStub\.js
TagCommander
(Tag managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.tagcommander\.com
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
URL: https://www.carrefour.fr/?Page=fr.carrefour://home
Title: Je crée un compte Carrefour en moins d'1 minute
Title: Je crée un compte Carrefour en moins d'1 minute
Search URL Search Domain Scan URL
URL: https://moncompte.carrefour.fr/iam/oauth2/CarrefourConnect/authorize?response_type=code&state=GAMEAPP60ans&client_id=carrefour_onecarrefour_arsenal&scope=openid+iam&redirect_uri=https://callbackcarrefour.arsenal.fr/handler/callback.ashx
Title: Je me connecte
Title: Je me connecte
Search URL Search Domain Scan URL
URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information
Title: More information
Search URL Search Domain Scan URL
URL: https://onetrust.com/poweredbyonetrust
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://jeu-appli.carrefour.fr/
HTTP 302
https://jeu-appli.carrefour.fr/NoAccount.aspx HTTP 301
https://jeu-appli.carrefour.fr/NoAccount Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
NoAccount
jeu-appli.carrefour.fr/ Redirect Chain
|
8 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
site.css
jeu-appli.carrefour.fr/Content/ |
31 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
script.js
jeu-appli.carrefour.fr/Content/Scripts/ |
731 B 831 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.3.0/font/ |
59 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-1.10.2.min.js
jeu-appli.carrefour.fr/Scripts/ |
92 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tc_CarrefourMiniSites_20.js
cdn.tagcommander.com/5008/ |
47 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
carteFid.png
jeu-appli.carrefour.fr/Content/Images/ |
96 KB 97 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Bulle_Partenaires.png
jeu-appli.carrefour.fr/Content/Images/ |
123 KB 124 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tc_CarrefourMiniSites_21.js
cdn.tagcommander.com/5008/ |
70 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tc_CarrefourMiniSites_22.js
cdn.tagcommander.com/5008/ |
70 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
183 KB 66 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Header2.png
jeu-appli.carrefour.fr/Content/Images/ |
116 KB 116 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
footer2.png
jeu-appli.carrefour.fr/Content/Images/ |
177 KB 177 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Proxima_Nova_Bold.otf
jeu-appli.carrefour.fr/Content/Fonts/ |
64 KB 64 KB |
Font
font/otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Proxima_Nova_Extrabold.otf
jeu-appli.carrefour.fr/Content/Fonts/ |
62 KB 62 KB |
Font
font/otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Proxima_Nova_Regular.otf
jeu-appli.carrefour.fr/Content/Fonts/ |
61 KB 62 KB |
Font
font/otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
7c742bf1-e78a-4d22-bd23-a955720daba9.json
cdn.cookielaw.org/consent/7c742bf1-e78a-4d22-bd23-a955720daba9/ |
4 KB 2 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ |
59 B 304 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.12.0/ |
361 KB 80 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
en.json
cdn.cookielaw.org/consent/7c742bf1-e78a-4d22-bd23-a955720daba9/c2011de4-5dde-4551-8b55-4c4ba2928f08/ |
149 KB 27 KB |
Fetch
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/6.12.0/assets/ |
9 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.12.0/assets/v2/ |
46 KB 11 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
647 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
50 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| openModal function| closeModal function| getDeviceType function| loadLittleHeader object| tc_vars function| $ function| jQuery function| tc_events_3 function| gtag function| tc_events_20 function| OptanonWrapper function| tC object| tC_5008_20 object| caReady function| cact object| tc_array_events function| tC5008_20 boolean| ga-disable-G-Z7GR5ZE923 object| dataLayer object| theForm function| __doPostBack function| varQueryParamCleaner string| UEOneTrustGroupsConsent undefined| key undefined| value function| tc_events_21 object| tC_5008_21 function| tC5008_21 boolean| ga-disable-G-F1YPGVK7M9 boolean| ga-disable-G-FS68051QZ3 function| createEvent undefined| order_items0 undefined| orderId undefined| order_products undefined| kartProducts undefined| scriptElt1 undefined| beYableKey undefined| checkExist function| tc_events_22 object| tC_5008_22 function| tC5008_22 object| OneTrustStub object| google_tag_manager object| google_tag_data string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| Optanon object| OneTrust4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| jeu-appli.carrefour.fr/ | Name: ASP.NET_SessionId Value: ty1caohzq5mz2krlvmrdgzxw |
|
| jeu-appli.carrefour.fr/ | Name: __AntiXsrfToken Value: 8aedbd30bd1b4a468821b62b97328ea7 |
|
| .carrefour.fr/ | Name: tc_counter_page Value: 1 |
|
| .jeu-appli.carrefour.fr/ | Name: OptanonConsent Value: isIABGlobal=false&datestamp=Thu+Oct+26+2023+02%3A28%3A01+GMT%2B0200+(Central+European+Summer+Time)&version=6.12.0&hosts=&landingPath=https%3A%2F%2Fjeu-appli.carrefour.fr%2FNoAccount&groups=C0001%3A1%2CC0007%3A0 |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | SAMEORIGIN |
| Strict-Transport-Security | SAMEORIGIN |
| X-Content-Type-Options | SAMEORIGIN |
| X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.cookielaw.org
cdn.jsdelivr.net
cdn.tagcommander.com
geolocation.onetrust.com
jeu-appli.carrefour.fr
www.googletagmanager.com
151.101.130.132
2606:4700:4400::6812:2089
2606:4700::6810:5914
2606:4700::6812:82ec
2a00:1450:4001:827::2008
54.38.226.6
09f62b609d4f9f549e5ed9ff19f4dd8c1ec124e7175d8d3c36c77b04a87c691d
1d97729299024aa64b03739e244f254966f9b546045de88bd835701a473045d8
27320a242ebe74c655237d9d07107816994fed57b2f27ece94332b091cf9f22a
2b80fbe521e07e4e84eb52e707b364c3e6c05c57e483276dc4b3be93a9794ba9
2fc7f40fe3b6fca4d842274e5c319024864535325c7484e201b7c53257209809
32cc4a47b370e278072a6440249872e681efa1d992600420c03a9631da885d70
34fb7e0672109198d546412e50feae05b1d9679b18de17042462372771d7beac
383488ae41b5bc02aeee88635bfb3c79dce06e5add907ee56852fcbe80eca997
39f7093b64cc148b96e3a8e1a8d849fcd4fda75781388e413014128f3dfffcf0
5adcdd308e4e7b4c8b114f3149d0b2b255761e2d42634946a106c9fb7e43178e
62ea2f27825344dcad697b24dfa0e31ccbb41625f672bce6468560bc755cc27e
68dd6d198a0e4333c2d363efca1a1200726d76b0bf9d273f3999063ce27f567c
7d6d63b06c6b3b89851bd8a90fa29e3b401ead34ac9b190a011951c1f1534fbb
8c000e4544bfb7ad85dd61fac0a167d1b3f4ca26213b90ba28be37edb4626bc8
987f9e588458e94c96a5c11685861685a7e0b88bf3887c46f3b26383e02ffc86
a6f2d25d66d06d6155a298eb22a84777558d2730e9d39761b16f34fa9f4978a7
a6f3fb44626d233d6920e483f74c549aa8e517b1d033519077384c1e243e069e
afabb6d97c205d70c14568e298a95cfeb81301dcae89610dfe02b917f1b3f724
bf3e213eee09df42f78cf37b75c033f3c37c4b66d91d4e65488620712acaa04d
c526121cb44b087949a0c4b90721ac1b31f092bee441b13a6caacba026a784b3
d47362a7aafd28f0645a1fbf6322568dc119ef4d24982fff877e0be77bfa8be0
e50a63d060a4ca013e84c95322c8f6c332e8a2f668ed1315d2edb55111114630
e6e7248054e5729493255c13932a0b4ddb56b3044089fe5458edda2a2c09f835
f6501808c372e161d38eaee04610462158fbe34965f7a509ddba5f5179d82a0d