urlscan.io logo urlscan.io
SecurityTrails logo

be.loccitane.com Open in urlscan Pro
52.157.232.11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://fr-be.cashbackdeals.be/user/autologin.php?module=account-overview&salt=c86e718b3d7968e10eb7735ad5c6dac8d73a2e3a&url_key...
Effective URL: https://be.loccitane.com/offre-de-bienvenue,79,1,83600,1595898.htm?utm_content=banner_cpa&utm_term=202012_bnr_welcome10&t...
Submission: On February 03 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 6 countries across 8 domains to perform 19 HTTP transactions. The main IP is 52.157.232.11, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is be.loccitane.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on June 18th 2020. Valid for: 2 years.
This is the only time be.loccitane.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 78.137.118.22 61323 (UKFAST)
7 2a02:21a8:0:3... 61323 (UKFAST)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 34.95.109.120 15169 (GOOGLE)
1 13.226.159.95 16509 (AMAZON-02)
1 188.165.150.177 16276 (OVH)
1 1 52.48.74.89 16509 (AMAZON-02)
1 52.157.232.11 8075 (MICROSOFT...)
1 13.224.194.24 16509 (AMAZON-02)
1 18.157.207.8 16509 (AMAZON-02)
19 13
2    78.137.118.22 (Manchester, United Kingdom)

ASN61323 (UKFAST, GB)
PTR: 78.137.118.22.srvlist.ukfast.net
fr-be.cashbackdeals.be
7    2a02:21a8:0:3::ca6b:ba66 (United Kingdom)

ASN61323 (UKFAST, GB)
static.orangebuddies.com
1    2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    34.95.109.120 (United States)

ASN15169 (GOOGLE, US)
PTR: 120.109.95.34.bc.googleusercontent.com
clk.tradedoubler.com
1    13.226.159.95 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-95.dus51.r.cloudfront.net
vht.tradedoubler.com
1    188.165.150.177 (France)

ASN16276 (OVH, FR)
PTR: lb01.net.royalcactus.com
analytics.tradedoubler.com
1    52.48.74.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-74-89.eu-west-1.compute.amazonaws.com
redir.tradedoubler.com
1    52.157.232.11 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
be.loccitane.com
1    13.224.194.24 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-24.fra2.r.cloudfront.net
ct.captcha-delivery.com
1    18.157.207.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-207-8.eu-central-1.compute.amazonaws.com
geo.captcha-delivery.com
Domain Requested by
7 static.orangebuddies.com fr-be.cashbackdeals.be
static.orangebuddies.com
2 clk.tradedoubler.com 1 redirects
2 www.google-analytics.com fr-be.cashbackdeals.be
www.google-analytics.com
2 fr-be.cashbackdeals.be 1 redirects
1 geo.captcha-delivery.com ct.captcha-delivery.com
1 ct.captcha-delivery.com be.loccitane.com
1 be.loccitane.com
1 redir.tradedoubler.com 1 redirects
1 analytics.tradedoubler.com vht.tradedoubler.com
1 vht.tradedoubler.com clk.tradedoubler.com
1 fonts.googleapis.com static.orangebuddies.com
fr-be.cashbackdeals.be
1 maxcdn.bootstrapcdn.com fr-be.cashbackdeals.be
19 12

This site contains no links.

Subject Issuer Validity Valid
www.cashbackkorting.nl
Sectigo RSA Domain Validation Secure Server CA		 2019-05-06 -
2021-05-21		 2 years crt.sh
static.orangebuddies.com
Sectigo RSA Domain Validation Secure Server CA		 2019-06-17 -
2021-06-17		 2 years crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-22 -
2021-10-12		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
*.tradedoubler.com
R3		 2021-01-23 -
2021-04-23		 3 months crt.sh
*.loccitane.com
DigiCert SHA2 High Assurance Server CA		 2020-06-18 -
2022-08-10		 2 years crt.sh
*.captcha-delivery.com
Amazon		 2020-11-25 -
2021-12-24		 a year crt.sh

This page contains 2 frames:

Primary Page: https://be.loccitane.com/offre-de-bienvenue,79,1,83600,1595898.htm?utm_content=banner_cpa&utm_term=202012_bnr_welcome10&tduid=da515c32c95abe800b1d97b688d8ff2b&utm_source=tradedoubler_2297478&utm_medium=roiAffiliate&utm_campaign=BEBE_alwaysOn_performance_branding_multi
Frame ID: 249EEDDCA238BB60F4E14EDABA6B0439
Requests: 18 HTTP requests in this frame

Frame: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMACyb4H5-Y5PcAudSrSw%3D%3D&hash=05855055E4FD6CAFCCD506CE41122E&cid=ZzfCE9i6VYaP4LculaXY_ITfqPGw961AYPAkM.bLbsWo4MPRUILrGTdn1DE5bu8DR_zfADg-9-jZE.l2qdR-dIX-N~qApeKAwmgfeB1oTO&t=fe&referer=https%3A%2F%2Fbe.loccitane.com%2Foffre-de-bienvenue%2C79%2C1%2C83600%2C1595898.htm%3Futm_content%3Dbanner_cpa%26utm_term%3D202012_bnr_welcome10%26tduid%3Dda515c32c95abe800b1d97b688d8ff2b%26utm_source%3Dtradedoubler_2297478%26utm_medium%3DroiAffiliate%26utm_campaign%3DBEBE_alwaysOn_performance_branding_multi&s=5311
Frame ID: 2DA2A81A6BE933873DEAC50799ABB6E3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://fr-be.cashbackdeals.be/user/autologin.php?module=account-overview&salt=c86e718b3d7968e10eb7735ad5c6... HTTP 302
    https://fr-be.cashbackdeals.be/popup/visit.php?url_key=loccitane-provence-be-fr&type=voucher&typeId=757450 Page URL
  2. https://clk.tradedoubler.com/click?p=235511&a=2297478&g=24499876&epi=39-OBS-601aa347439de39 Page URL
  3. https://clk.tradedoubler.com/click?p=235511&a=2297478&g=24499876&epi=39-OBS-601aa347439de39 HTTP 302
    https://redir.tradedoubler.com/projectr/?tduid=da515c32c95abe800b1d97b688d8ff2b&utm_source=tradedoubler_229... HTTP 302
    https://be.loccitane.com/offre-de-bienvenue,79,1,83600,1595898.htm?utm_content=banner_cpa&utm_term=20... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

19
Requests

95 %
HTTPS

38 %
IPv6

8
Domains

12
Subdomains

13
IPs

6
Countries

133 kB
Transfer

441 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fr-be.cashbackdeals.be/user/autologin.php?module=account-overview&salt=c86e718b3d7968e10eb7735ad5c6dac8d73a2e3a&url_key=loccitane-provence-be-fr&type=voucher&typeId=757450 HTTP 302
    https://fr-be.cashbackdeals.be/popup/visit.php?url_key=loccitane-provence-be-fr&type=voucher&typeId=757450 Page URL
  2. https://clk.tradedoubler.com/click?p=235511&a=2297478&g=24499876&epi=39-OBS-601aa347439de39 Page URL
  3. https://clk.tradedoubler.com/click?p=235511&a=2297478&g=24499876&epi=39-OBS-601aa347439de39 HTTP 302
    https://redir.tradedoubler.com/projectr/?tduid=da515c32c95abe800b1d97b688d8ff2b&utm_source=tradedoubler_2297478&utm_medium=roiAffiliate&utm_campaign=BEBE_alwaysOn_performance_branding_multi&_td_deeplink=https://be.loccitane.com/offre-de-bienvenue,79,1,83600,1595898.htm&utm_content=banner_cpa&utm_term=202012_bnr_welcome10 HTTP 302
    https://be.loccitane.com/offre-de-bienvenue,79,1,83600,1595898.htm?utm_content=banner_cpa&utm_term=202012_bnr_welcome10&tduid=da515c32c95abe800b1d97b688d8ff2b&utm_source=tradedoubler_2297478&utm_medium=roiAffiliate&utm_campaign=BEBE_alwaysOn_performance_branding_multi Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://fr-be.cashbackdeals.be/user/autologin.php?module=account-overview&salt=c86e718b3d7968e10eb7735ad5c6dac8d73a2e3a&url_key=loccitane-provence-be-fr&type=voucher&typeId=757450 HTTP 302
  • https://fr-be.cashbackdeals.be/popup/visit.php?url_key=loccitane-provence-be-fr&type=voucher&typeId=757450

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set visit.php
fr-be.cashbackdeals.be/popup/
Redirect Chain
  • https://fr-be.cashbackdeals.be/user/autologin.php?module=account-overview&salt=c86e718b3d7968e10eb7735ad5c6dac8d73a2e3a&url_key=loccitane-provence-be-fr&type=voucher&typeId=757450
  • https://fr-be.cashbackdeals.be/popup/visit.php?url_key=loccitane-provence-be-fr&type=voucher&typeId=757450
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fr-be.cashbackdeals.be/popup/visit.php?url_key=loccitane-provence-be-fr&type=voucher&typeId=757450
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.137.118.22 Manchester, United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
78.137.118.22.srvlist.ukfast.net
Software
nginx /
Resource Hash
1247f8830ecf71e1606d40d57dc122351e1fe866ebdd415927a81fffd16dbf8b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
fr-be.cashbackdeals.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PHPSESSID=r1a5gpqukp028gfo3nch1renl3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Wed, 03 Feb 2021 13:21:11 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1569
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Xss-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Set-Cookie
stores_viewed_by_user=a%3A1%3A%7Bi%3A51932%3Bs%3A5%3A%2251932%22%3B%7D; expires=Thu, 18-Feb-2021 13:21:11 GMT; Max-Age=1296000; path=/; secure visitedStoresKey=a%3A1%3A%7Bi%3A0%3Bs%3A24%3A%22loccitane-provence-be-fr%22%3B%7D; expires=Thu, 18-Feb-2021 13:21:11 GMT; Max-Age=1296000; path=/; secure cashback_be.loccitane.com=yes; expires=Wed, 03-Feb-2021 13:51:11 GMT; Max-Age=1800; path=/; secure
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Origin
*

Redirect headers

Server
nginx
Date
Wed, 03 Feb 2021 13:21:11 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
20
Connection
keep-alive
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Xss-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
Set-Cookie
PHPSESSID=r1a5gpqukp028gfo3nch1renl3; path=/; secure; HttpOnly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
location
/popup/visit.php?url_key=loccitane-provence-be-fr&type=voucher&typeId=757450
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
layout.css
static.orangebuddies.com/templates/fr-be.cashbackdeals.be/march16/css/ 		247 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.orangebuddies.com/templates/fr-be.cashbackdeals.be/march16/css/layout.css
Requested by
Host: fr-be.cashbackdeals.be
URL: https://fr-be.cashbackdeals.be/popup/visit.php?url_key=loccitane-provence-be-fr&type=voucher&typeId=757450
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
25d34b8f52200119bf035ef551cc46ada8f188833dcf0e86f33e277d90866aca

Request headers

Referer
https://fr-be.cashbackdeals.be/popup/visit.php?url_key=loccitane-provence-be-fr&type=voucher&typeId=757450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 13:21:11 GMT
content-encoding
gzip
last-modified
Fri, 08 Jan 2021 10:33:22 GMT
server
nginx/1.4.7
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ddosx-request-id
401012dfa02902829f11e5b674a140ac
responsive.css
static.orangebuddies.com/templates/fr-be.cashbackdeals.be/march16/css/ 		65 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.orangebuddies.com/templates/fr-be.cashbackdeals.be/march16/css/responsive.css
Requested by
Host: fr-be.cashbackdeals.be
URL: https://fr-be.cashbackdeals.be/popup/visit.php?url_key=loccitane-provence-be-fr&type=voucher&typeId=757450
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
efce0a7d79cdaf851c848d6797dc669007d02eeffc6b24b1fa94aceb8cd15754

Request headers

Referer
https://fr-be.cashbackdeals.be/popup/visit.php?url_key=loccitane-provence-be-fr&type=voucher&typeId=757450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 13:21:11 GMT
content-encoding
gzip
last-modified
Wed, 26 Sep 2018 10:09:11 GMT
server
nginx/1.4.7
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ddosx-request-id
d525a60592c3050e3ef83c284dcfb6f5
popup.css
static.orangebuddies.com/templates/fr-be.cashbackdeals.be/march16/css/popup/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.orangebuddies.com/templates/fr-be.cashbackdeals.be/march16/css/popup/popup.css
Requested by
Host: fr-be.cashbackdeals.be
URL: https://fr-be.cashbackdeals.be/popup/visit.php?url_key=loccitane-provence-be-fr&type=voucher&typeId=757450
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
5ba8e2ef82bae978ae26c47375fc121aa0f40d8a73521dc83195f0b3ed2c9653

Request headers

Referer
https://fr-be.cashbackdeals.be/popup/visit.php?url_key=loccitane-provence-be-fr&type=voucher&typeId=757450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 13:21:11 GMT
content-encoding
gzip
last-modified
Fri, 26 Jun 2020 12:32:29 GMT
server
nginx/1.4.7
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ddosx-request-id
7791a61f69dc25e22bbbf63b7158d88b
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Requested by
Host: fr-be.cashbackdeals.be
URL: https://fr-be.cashbackdeals.be/popup/visit.php?url_key=loccitane-provence-be-fr&type=voucher&typeId=757450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fr-be.cashbackdeals.be/popup/visit.php?url_key=loccitane-provence-be-fr&type=voucher&typeId=757450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 13:21:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:19 GMT
etag
"1544639719"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
6079
51932.gif
static.orangebuddies.com/image/stores/ 		974 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.orangebuddies.com/image/stores/51932.gif
Requested by
Host: fr-be.cashbackdeals.be
URL: https://fr-be.cashbackdeals.be/popup/visit.php?url_key=loccitane-provence-be-fr&type=voucher&typeId=757450
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
c0d484f53ca140f4938abee024d07747672ef42ffc3f9ef9b6fdbe0dd9abef25

Request headers

Referer
https://fr-be.cashbackdeals.be/popup/visit.php?url_key=loccitane-provence-be-fr&type=voucher&typeId=757450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 13:21:11 GMT
last-modified
Thu, 15 Dec 2016 10:51:21 GMT
server
nginx/1.4.7
etag
"585275a9-3ce"
content-type
image/gif
access-control-allow-origin
*
content-length
974
accept-ranges
bytes
x-ddosx-request-id
7116e68989639a1e1eb98cc948cf5b27
56667-ExitPage468x60.gif
static.orangebuddies.com/image/banners/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.orangebuddies.com/image/banners/56667-ExitPage468x60.gif
Requested by
Host: fr-be.cashbackdeals.be
URL: https://fr-be.cashbackdeals.be/popup/visit.php?url_key=loccitane-provence-be-fr&type=voucher&typeId=757450
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
fbf407926e85a4baaacc986d4aeddb60e143c766b0622c38451f65c0c16afa5f

Request headers

Referer
https://fr-be.cashbackdeals.be/popup/visit.php?url_key=loccitane-provence-be-fr&type=voucher&typeId=757450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 13:21:11 GMT
last-modified
Mon, 01 Feb 2021 14:34:52 GMT
server
nginx/1.4.7
etag
"6018118c-235f"
content-type
image/gif
access-control-allow-origin
*
content-length
9055
accept-ranges
bytes
x-ddosx-request-id
747c67d0ec1ae1c81e1996f1c66dad0d
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: fr-be.cashbackdeals.be
URL: https://fr-be.cashbackdeals.be/popup/visit.php?url_key=loccitane-provence-be-fr&type=voucher&typeId=757450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fr-be.cashbackdeals.be/popup/visit.php?url_key=loccitane-provence-be-fr&type=voucher&typeId=757450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
428
date
Wed, 03 Feb 2021 13:14:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Wed, 03 Feb 2021 15:14:03 GMT
collect
www.google-analytics.com/j/ 		2 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=226372381&t=pageview&_s=1&dl=https%3A%2F%2Ffr-be.cashbackdeals.be%2Fpopup%2Fvisit.php%3Furl_key%3Dloccitane-provence-be-fr%26type%3Dvoucher%26typeId%3D757450&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=502298574&gjid=1601199007&cid=2061168713.1612358471&tid=UA-45188282-1&_gid=2045850146.1612358471&_r=1&_slc=1&z=1232684279
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fr-be.cashbackdeals.be/popup/visit.php?url_key=loccitane-provence-be-fr&type=voucher&typeId=757450
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Feb 2021 13:21:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fr-be.cashbackdeals.be
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		1 KB
569 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans+Narrow
Requested by
Host: static.orangebuddies.com
URL: https://static.orangebuddies.com/templates/fr-be.cashbackdeals.be/march16/css/layout.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
51c552a2f1fa3269e9104546eab7cb63a94f51db880d6a41fe9803e0b2526e96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://static.orangebuddies.com/templates/fr-be.cashbackdeals.be/march16/css/layout.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 03 Feb 2021 12:48:44 GMT
server
ESF
date
Wed, 03 Feb 2021 13:21:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Feb 2021 13:21:11 GMT
css
fonts.googleapis.com/ 		0
0
bg.jpg
static.orangebuddies.com/templates/fr-be.cashbackdeals.be/march16/assets/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.orangebuddies.com/templates/fr-be.cashbackdeals.be/march16/assets/bg.jpg
Requested by
Host: static.orangebuddies.com
URL: https://static.orangebuddies.com/templates/fr-be.cashbackdeals.be/march16/css/layout.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
276ed23fdaae28019edf73bb462d0738ec8312b97f26698518bb303fc5a9bd9f

Request headers

Referer
https://static.orangebuddies.com/templates/fr-be.cashbackdeals.be/march16/css/layout.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 13:21:11 GMT
last-modified
Wed, 02 Nov 2016 07:31:44 GMT
server
nginx/1.4.7
etag
"58199660-39c1"
content-type
image/jpeg
access-control-allow-origin
*
content-length
14785
accept-ranges
bytes
x-ddosx-request-id
8c5239e2cb674ce7bd8996a5a015aa41
bar-loading.gif
static.orangebuddies.com/templates/fr-be.cashbackdeals.be/march16/assets/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.orangebuddies.com/templates/fr-be.cashbackdeals.be/march16/assets/bar-loading.gif
Requested by
Host: static.orangebuddies.com
URL: https://static.orangebuddies.com/templates/fr-be.cashbackdeals.be/march16/css/popup/popup.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:21a8:0:3::ca6b:ba66 , United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
Software
nginx/1.4.7 /
Resource Hash
a03a0e52f0f18d00375e4358ede5ec2ab934ea7a739e916c7c1caa702833e1b2

Request headers

Referer
https://static.orangebuddies.com/templates/fr-be.cashbackdeals.be/march16/css/popup/popup.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 13:21:11 GMT
last-modified
Thu, 30 Jun 2016 11:39:57 GMT
server
nginx/1.4.7
etag
"5775050d-c59"
content-type
image/gif
access-control-allow-origin
*
content-length
3161
accept-ranges
bytes
x-ddosx-request-id
0e9ae55d7d0ba7263831f2d30a2730ba
click
clk.tradedoubler.com/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clk.tradedoubler.com/click?p=235511&a=2297478&g=24499876&epi=39-OBS-601aa347439de39
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.109.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
120.109.95.34.bc.googleusercontent.com
Software
TXServerHttp /
Resource Hash
25a7b97b613a424d4910805e67166dcb83b9b187b08294483d14986cb076ab7e

Request headers

:method
GET
:authority
clk.tradedoubler.com
:scheme
https
:path
/click?p=235511&a=2297478&g=24499876&epi=39-OBS-601aa347439de39
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://fr-be.cashbackdeals.be/popup/visit.php?url_key=loccitane-provence-be-fr&type=voucher&typeId=757450
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fr-be.cashbackdeals.be/popup/visit.php?url_key=loccitane-provence-be-fr&type=voucher&typeId=757450

Response headers

content-type
text/html; charset=ISO-8859-1
server
TXServerHttp
access-control-allow-origin
*
cache-control
private, max-age=0
pragma
no-cache
p3p
policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy
origin
date
Wed, 03 Feb 2021 13:21:12 GMT
content-length
1025
via
1.1 google
alt-svc
clear
prefs.js
vht.tradedoubler.com/fp/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vht.tradedoubler.com/fp/prefs.js
Requested by
Host: clk.tradedoubler.com
URL: https://clk.tradedoubler.com/click?p=235511&a=2297478&g=24499876&epi=39-OBS-601aa347439de39
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.95 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-95.dus51.r.cloudfront.net
Software
Apache /
Resource Hash
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d

Request headers

Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 Jan 2021 03:44:36 GMT
Content-Encoding
gzip
Age
293796
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 15 Oct 2018 09:28:46 GMT
Server
Apache
ETag
W/"2509-57841106334e6"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 26b0de44343edcaf19972d71d8e0256d.cloudfront.net (CloudFront)
Cache-Control
max-age=604800, public
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
0nL_qRGxKM6RR_X0IJpExkx60O8L6_C6BRpF2No2DrNLNubC9G9UJw==
Expires
Sun, 07 Feb 2021 03:44:36 GMT
/
analytics.tradedoubler.com/ 		0
241 B 		Other
General
Check archive.org
Download Go to
Full URL
https://analytics.tradedoubler.com/
Requested by
Host: vht.tradedoubler.com
URL: https://vht.tradedoubler.com/fp/prefs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.165.150.177 , France, ASN16276 (OVH, FR),
Reverse DNS
lb01.net.royalcactus.com
Software
nginx /
Resource Hash

Request headers

Referer
https://clk.tradedoubler.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 03 Feb 2021 13:21:12 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Primary Request Cookie set offre-de-bienvenue,79,1,83600,1595898.htm
be.loccitane.com/
Redirect Chain
  • https://clk.tradedoubler.com/click?p=235511&a=2297478&g=24499876&epi=39-OBS-601aa347439de39
  • https://redir.tradedoubler.com/projectr/?tduid=da515c32c95abe800b1d97b688d8ff2b&utm_source=tradedoubler_2297478&utm_medium=roiAffiliate&utm_campaign=BEBE_alwaysOn_performance_branding_multi&_td_dee...
  • https://be.loccitane.com/offre-de-bienvenue,79,1,83600,1595898.htm?utm_content=banner_cpa&utm_term=202012_bnr_welcome10&tduid=da515c32c95abe800b1d97b688d8ff2b&utm_source=tradedoubler_2297478&utm_me...
461 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://be.loccitane.com/offre-de-bienvenue,79,1,83600,1595898.htm?utm_content=banner_cpa&utm_term=202012_bnr_welcome10&tduid=da515c32c95abe800b1d97b688d8ff2b&utm_source=tradedoubler_2297478&utm_medium=roiAffiliate&utm_campaign=BEBE_alwaysOn_performance_branding_multi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.157.232.11 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
06019056f37814ec92906538225c7384a75f6a1405e8249ce3aadd061d25f56b
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Host
be.loccitane.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://clk.tradedoubler.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
Origin
https://clk.tradedoubler.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://clk.tradedoubler.com/

Response headers

Date
Wed, 03 Feb 2021 13:21:12 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
LbStickyVmCORS=92b70bb97cf65e1f2ebc655362d122e5; Path=/; SameSite=None; Secure LbStickyVm=92b70bb97cf65e1f2ebc655362d122e5; Path=/ datadome=ZzfCE9i6VYaP4LculaXY_ITfqPGw961AYPAkM.bLbsWo4MPRUILrGTdn1DE5bu8DR_zfADg-9-jZE.l2qdR-dIX-N~qApeKAwmgfeB1oTO; Max-Age=31536000; Domain=.loccitane.com; Path=/; Secure; SameSite=Lax
Cache-Control
private
Pragma
no-cache
Server
Microsoft-IIS/10.0
X-DataDome
protected
Charset
utf-8
X-DataDome-CID
AHrlqAAAAAMACyb4H5-Y5PcAudSrSw==
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-Xss-Protection
1
access-control-allow-headers
content-type
X-Front
webxcmsprd-vm06

Redirect headers

Cache-control
no-cache="set-cookie"
Content-Type
text/html; charset=UTF-8
Date
Wed, 03 Feb 2021 13:21:12 GMT
Location
https://be.loccitane.com/offre-de-bienvenue,79,1,83600,1595898.htm?utm_content=banner_cpa&utm_term=202012_bnr_welcome10&tduid=da515c32c95abe800b1d97b688d8ff2b&utm_source=tradedoubler_2297478&utm_medium=roiAffiliate&utm_campaign=BEBE_alwaysOn_performance_branding_multi
Server
Apache/2.4.46 (Amazon) PHP/7.3.23
Set-Cookie
AWSELB=1177FD251499E32EA4866CF966B3F72EF58D4A425C7A5F3DCD9E7D7F5F83DB425B5521C7D23F47EC8D4D958F3D54AC80CA7DBCC006E4007DE8ABAFDFF520E30F5E8215264F;PATH=/;MAX-AGE=30 AWSELBCORS=1177FD251499E32EA4866CF966B3F72EF58D4A425C7A5F3DCD9E7D7F5F83DB425B5521C7D23F47EC8D4D958F3D54AC80CA7DBCC006E4007DE8ABAFDFF520E30F5E8215264F;PATH=/;MAX-AGE=30;SECURE;SAMESITE=None
X-Powered-By
PHP/7.3.23
Content-Length
1
Connection
keep-alive
c.js
ct.captcha-delivery.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.captcha-delivery.com/c.js
Requested by
Host: be.loccitane.com
URL: https://be.loccitane.com/offre-de-bienvenue,79,1,83600,1595898.htm?utm_content=banner_cpa&utm_term=202012_bnr_welcome10&tduid=da515c32c95abe800b1d97b688d8ff2b&utm_source=tradedoubler_2297478&utm_medium=roiAffiliate&utm_campaign=BEBE_alwaysOn_performance_branding_multi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-24.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b75a28d6ff7962a4474cf1799be8a03628bddbbede9dd2115eeadac50fec5f5

Request headers

Referer
https://be.loccitane.com/offre-de-bienvenue,79,1,83600,1595898.htm?utm_content=banner_cpa&utm_term=202012_bnr_welcome10&tduid=da515c32c95abe800b1d97b688d8ff2b&utm_source=tradedoubler_2297478&utm_medium=roiAffiliate&utm_campaign=BEBE_alwaysOn_performance_branding_multi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 02:07:45 GMT
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
last-modified
Wed, 09 Dec 2020 13:37:29 GMT
server
AmazonS3
age
40409
etag
"94c3988145a4ad03e1eba61def04129f"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
3015
x-amz-cf-id
dUR0Xlc7RR8tqKsqCzAUckFPNDNh2kyG6CaeJSwi-xxepS8rgW8g8g==
/
geo.captcha-delivery.com/captcha/ Frame 2DA2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMACyb4H5-Y5PcAudSrSw%3D%3D&hash=05855055E4FD6CAFCCD506CE41122E&cid=ZzfCE9i6VYaP4LculaXY_ITfqPGw961AYPAkM.bLbsWo4MPRUILrGTdn1DE5bu8DR_zfADg-9-jZE.l2qdR-dIX-N~qApeKAwmgfeB1oTO&t=fe&referer=https%3A%2F%2Fbe.loccitane.com%2Foffre-de-bienvenue%2C79%2C1%2C83600%2C1595898.htm%3Futm_content%3Dbanner_cpa%26utm_term%3D202012_bnr_welcome10%26tduid%3Dda515c32c95abe800b1d97b688d8ff2b%26utm_source%3Dtradedoubler_2297478%26utm_medium%3DroiAffiliate%26utm_campaign%3DBEBE_alwaysOn_performance_branding_multi&s=5311
Requested by
Host: ct.captcha-delivery.com
URL: https://ct.captcha-delivery.com/c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.207.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-207-8.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Host
geo.captcha-delivery.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://be.loccitane.com/offre-de-bienvenue,79,1,83600,1595898.htm?utm_content=banner_cpa&utm_term=202012_bnr_welcome10&tduid=da515c32c95abe800b1d97b688d8ff2b&utm_source=tradedoubler_2297478&utm_medium=roiAffiliate&utm_campaign=BEBE_alwaysOn_performance_branding_multi
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://be.loccitane.com/offre-de-bienvenue,79,1,83600,1595898.htm?utm_content=banner_cpa&utm_term=202012_bnr_welcome10&tduid=da515c32c95abe800b1d97b688d8ff2b&utm_source=tradedoubler_2297478&utm_medium=roiAffiliate&utm_campaign=BEBE_alwaysOn_performance_branding_multi

Response headers

Date
Wed, 03 Feb 2021 13:21:13 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Open+Sans:400italic,400|Open+Sans+Condensed:700

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dd undefined| isIframeLoaded undefined| maxTimeoutMs undefined| initialTime function| iframeOnload

3 Cookies

Domain/Path Name / Value
.loccitane.com/ Name: datadome
Value: ZzfCE9i6VYaP4LculaXY_ITfqPGw961AYPAkM.bLbsWo4MPRUILrGTdn1DE5bu8DR_zfADg-9-jZE.l2qdR-dIX-N~qApeKAwmgfeB1oTO
be.loccitane.com/ Name: LbStickyVm
Value: 92b70bb97cf65e1f2ebc655362d122e5
be.loccitane.com/ Name: LbStickyVmCORS
Value: 92b70bb97cf65e1f2ebc655362d122e5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload max-age=31536000; includeSubdomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tradedoubler.com
be.loccitane.com
clk.tradedoubler.com
ct.captcha-delivery.com
fonts.googleapis.com
fr-be.cashbackdeals.be
geo.captcha-delivery.com
maxcdn.bootstrapcdn.com
redir.tradedoubler.com
static.orangebuddies.com
vht.tradedoubler.com
www.google-analytics.com
fonts.googleapis.com
13.224.194.24
13.226.159.95
18.157.207.8
188.165.150.177
2001:4de0:ac19::1:b:3a
2a00:1450:4001:809::200e
2a00:1450:4001:821::200e
2a00:1450:4001:82b::200a
2a02:21a8:0:3::ca6b:ba66
34.95.109.120
52.157.232.11
52.48.74.89
78.137.118.22
06019056f37814ec92906538225c7384a75f6a1405e8249ce3aadd061d25f56b
1247f8830ecf71e1606d40d57dc122351e1fe866ebdd415927a81fffd16dbf8b
17ee72d8421cc64e48d5e885c090851028f91129555be935403a51c55eff2e9d
25a7b97b613a424d4910805e67166dcb83b9b187b08294483d14986cb076ab7e
25d34b8f52200119bf035ef551cc46ada8f188833dcf0e86f33e277d90866aca
276ed23fdaae28019edf73bb462d0738ec8312b97f26698518bb303fc5a9bd9f
51c552a2f1fa3269e9104546eab7cb63a94f51db880d6a41fe9803e0b2526e96
5ba8e2ef82bae978ae26c47375fc121aa0f40d8a73521dc83195f0b3ed2c9653
7b75a28d6ff7962a4474cf1799be8a03628bddbbede9dd2115eeadac50fec5f5
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
a03a0e52f0f18d00375e4358ede5ec2ab934ea7a739e916c7c1caa702833e1b2
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
c0d484f53ca140f4938abee024d07747672ef42ffc3f9ef9b6fdbe0dd9abef25
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
efce0a7d79cdaf851c848d6797dc669007d02eeffc6b24b1fa94aceb8cd15754
fbf407926e85a4baaacc986d4aeddb60e143c766b0622c38451f65c0c16afa5f