Back to Home

Security Analysis Results

www.groupe-sncf.com

Comprehensive domain security and infrastructure analysis

Live Website Preview

website screenshot of http://www.sncf.com/fr/relation-client/bon-achat-digital

No Security Risks Detected

This domain appears to be safe and secure

100%
Score

Disclaimer: This assessment is based on automated analysis of publicly available information. Results are for informational purposes only. For critical applications, consult security professionals.

Scan Information

Last checked:July 11, 2025 07:28:21
Target URL:http://www.sncf.com/fr/relation-client/bon-achat-digital
Scan Complete

Refresh page after 10 minutes
for updated results

Page Information

Target URL
http://www.sncf.com/fr/relation-client/bon-achat-digital
Page Title
Home | SNCF Group
www.groupe-sncf.com faviconSite Favicon
Status
Active

Host Information

Domain
www.groupe-sncf.com
Server
cloudflare
Country
United States
IP Address
104.18.19.62
ASN Information
13335
CLOUDFLARENET

Technologies

Amazon Web Services logo
Amazon Web Services
PaaS
jsDelivr logo
jsDelivr
CDN
HSTS logo
HSTS
Security
Google Tag Manager logo
Google Tag Manager
Tag managers
Didomi logo
Didomi
Cookie compliance
DataDome logo
DataDome
Security
+2 more technologies detected

SSL Certificate

HTTPS Enabled
Secure
Certificate Issuer
WE1
Valid From
2025-06-30 15:34:24
Valid Until
2025-09-28 16:34:20
Subject Name
groupe-sncf.com

Performance Statistics

62
Total Requests
10
Domains
10
IP Addresses
1.46 MB
Transfer Size
Content Size4.27 MB

HTTP Headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
access-control-allow-origin
*.cdn.vsct.fr
alt-svc
h3=":443"; ma=86400
cache-control
s-maxage=300, stale-while-revalidate
cf-cache-status
DYNAMIC
cf-placement
remote-CDG
cf-ray
95d6959ffb8586c3-MAD
content-encoding
br
content-security-policy
frame-ancestors 'self' *.groupe-sncf.com *.cdn.vsct.fr *.aws.vsct.fr; upgrade-insecure-requests
content-security-policy-report-only
script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' https://www.googletagmanager.com https://cdn.jsdelivr.net https://tag.aticdn.net https://www.youtube.com https://www.instagram.com https://platform.linkedin.com https://platform.twitter.com https://connect.facebook.net https://bsky.app https://js-datadome.groupe-sncf.com https://sdk.privacy-center.org https://*.ubiplace.com https://*.aws.vsct.fr https://*.cdn.vsct.fr; worker-src 'self' blob:; report-uri /api/csp-report-only;
content-type
text/html; charset=utf-8
date
Fri, 11 Jul 2025 07:28:30 GMT
permissions-policy
accelerometer=(self "https://www.youtube.com"), ambient-light-sensor=(), autoplay=(self "https://www.youtube.com"), battery=(), camera=(), crossorigin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self "https://www.youtube.com"),execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self "https://www.youtube.com"),geolocation=(), gyroscope=(self "https://www.youtube.com"), magnetometer=(), microphone=(), midi=(), navigationoverride=(),payment=(), picture-in-picture=(self "https://www.youtube.com"), publickey-credentials-get=(), screenwake-lock=(), sync-xhr=(), usb=(), web-share=(self "https://www.youtube.com"), xr-spatial-tracking=(), clipboardread=(),clipboard-write=(self "https://www.youtube.com"), gamepad=(), speaker-selection=(), conversionmeasurement=(),focus-without-user-activation=(), hid=(), idle-detection=(),serial=(), sync-script=(), trust-token-redemption=(), vertical-scroll=(),notifications=(), push=(), speaker=(), vibrate=(), interest-cohort=()
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-content-type-options
nosniff
x-datadome
protected
x-nextjs-cache
HIT
20 headers detected

Technology Stack Analysis

Amazon Web Services

Amazon Web Services

PaaS

Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.

jsDelivr

jsDelivr

CDN

JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.

HSTS

HSTS

Security

HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.

Google Tag Manager

Google Tag Manager

Tag managers

Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.

Didomi

Didomi

Cookie compliance

Didomi is a consent management platform helping brands and businesses collect, store and leverage their customer consents.

DataDome

DataDome

Security

DataDome is a cybersecurity platform that specialises in bot protection and mitigation, offering advanced solutions to safeguard websites and mobile applications against malicious bot traffic, credential stuffing, scraping, and other automated threats.

Cloudflare

Cloudflare

CDN

Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.

HTTP/3

HTTP/3

Miscellaneous

HTTP/3 is the third major version of the Hypertext Transfer Protocol used to exchange information on the World Wide Web.

Website Cookies 6

datadome

.groupe-sncf.com

Secure Lax
Value
ZYK0In0UZKrOed_1P_dixTnmXlY9Mi2pMhPOlXSyHZU_X811izpyiY~NsliBOyqFwbPOidXceFwXiZ15YHNP~Vj_qGnkogc1Y8B6CHdUC2GQApIN_cBmGUcndNbYQKMH
Expires:7/11/2026

_pprv

.groupe-sncf.com

Secure Lax
Value
eyJjb25zZW50Ijp7IjAiOnsibW9kZSI6ImVzc2VudGlhbCJ9LCIxIjp7Im1vZGUiOiJvcHQtaW4ifSwiMiI6eyJtb2RlIjoib3B0LWluIn0sIjMiOnsibW9kZSI6Im9wdC1pbiJ9LCI0Ijp7Im1vZGUiOiJvcHQtaW4ifSwiNSI6eyJtb2RlIjoib3B0LWluIn0sIjYiOnsibW9kZSI6Im9wdC1pbiJ9LCI3Ijp7Im1vZGUiOiJvcHQtaW4ifX0sInB1cnBvc2VzIjpudWxsLCJfdCI6Im1zbXd0dXkwfG1jeWh3ZG0wIn0%3D
Expires:8/10/2026

_pcid

.groupe-sncf.com

Secure Lax
Value
%7B%22browserId%22%3A%22mcyhwdlwx2yprex8%22%2C%22_t%22%3A%22msmwtv1k%7Cmcyhwdpk%22%7D
Expires:8/10/2026

__cf_bm

.groupe-sncf.com

HttpOnly Secure None
Value
xFIRMkOU5o.fQWUgFw6kGyXy3ZicH9CpRVnY9sbV8PQ-1752218910-1.0.1.1-sEOITUdmMAkV.mw4WxevGtjbpunrMueZ7asi5ereq6EKakRCmHXdGCK2yG0Guw2OF17i3hYT6BVJuKMSM9KFP87HbdSMrXyH36y7kATT2nU
Expires:7/11/2025

didomi_token

.groupe-sncf.com

Lax
Value
[didomi_token redacted]
Expires:7/12/2026

_pctx

.groupe-sncf.com

Secure Lax
Value
%7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXSwH18yBbCPwDu%2BAG4BGfgB9%2BAYwCeAC2GsADvxABfIA
Expires:8/10/2026

External Links 4

x - New browser window

twitter.com

Analyze
Target URL
https://twitter.com/GroupeSNCF

linkedin - New browser window

www.linkedin.com

Analyze
Target URL
https://www.linkedin.com/company/sncf/

youtube - New browser window

www.youtube.com

Analyze
Target URL
https://www.youtube.com/@sncf

instagram - New browser window

www.instagram.com

Analyze
Target URL
https://www.instagram.com/groupesncf/

Requested Domains 10

cdn.jsdelivr.net

Unknown Type
No category information available

geo.captcha-delivery.com

Unknown Type
No category information available

js-datadome.groupe-sncf.com

Unknown Type
No category information available

nssvsmp.pa-cd.com

Unknown Type
No category information available

sdk.privacy-center.org

Unknown Type
No category information available

tag.aticdn.net

Unknown Type
No category information available

www.cybermalveillance.gouv.fr

Unknown Type
No category information available

www.googletagmanager.com

Unknown Type
No category information available

www.groupe-sncf.com

Subdomain
Categories
Health & FitnessHealthReferenceEducation

www.sncf.com

Unknown Type
No category information available
LinkCheck

© 2025 LinkCheck. Secure domain analysis you can trust.