urlscan.io logo urlscan.io
SecurityTrails logo

orthographe.notretemps.com Open in urlscan Pro
2a0b:440:1020:22::f898  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.prod1.emailing.notretemps.com/r/?id=h75a7bc02,5f3b93b3,8001ac86
Effective URL: https://orthographe.notretemps.com/
Submission: On August 06 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 6 domains to perform 35 HTTP transactions. The main IP is 2a0b:440:1020:22::f898, located in Germany and belongs to DE-RACKSPACE Frankfurt, Germany, GB. The main domain is orthographe.notretemps.com.
TLS certificate: Issued by R3 on June 11th 2023. Valid for: 3 months.
This is the only time orthographe.notretemps.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.220.123.91 16509 (AMAZON-02)
4 2a0b:440:1020... 39921 (DE-RACKSP...)
5 65.9.66.34 16509 (AMAZON-02)
6 2a04:4e42:200... 54113 (FASTLY)
1 52.222.139.86 16509 (AMAZON-02)
3 92.243.23.24 203476 (GANDI-AS-...)
6 2600:9000:223... 16509 (AMAZON-02)
3 2600:9000:223... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
35 9
1    54.220.123.91 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-123-91.eu-west-1.compute.amazonaws.com
t.prod1.emailing.notretemps.com
4    2a0b:440:1020:22::f898 (Germany)

ASN39921 (DE-RACKSPACE Frankfurt, Germany, GB)
orthographe.notretemps.com
www.gymglish.com
5    65.9.66.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-34.fra56.r.cloudfront.net
www.notretemps.com
6    2a04:4e42:200::591 (United States)

ASN54113 (FASTLY, US)
fastly-a9fast-com.freetls.fastly.net
1    52.222.139.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-86.ams50.r.cloudfront.net
sso.notretemps.com
3    92.243.23.24 (France)

ASN203476 (GANDI-AS-2 Domain name registrar - www.gandi.net, FR)
PTR: xvm-23-24.dc0.ghst.net
www.wysistat.com
6    2600:9000:223d:c800:a:9c85:8d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
t.notretemps.com
3    2600:9000:223f:5a00:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
sdk.privacy-center.org
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
Apex Domain
Subdomains		 Transfer
15 notretemps.com
t.prod1.emailing.notretemps.com
orthographe.notretemps.com
www.notretemps.com — Cisco Umbrella Rank: 938781
sso.notretemps.com
t.notretemps.com
469 KB
6 fastly.net
fastly-a9fast-com.freetls.fastly.net — Cisco Umbrella Rank: 784438
372 KB
3 privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 6473
135 KB
3 wysistat.com
www.wysistat.com — Cisco Umbrella Rank: 77435
6 KB
2 gymglish.com
www.gymglish.com — Cisco Umbrella Rank: 648858
356 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
455 B
35 6
Domain Requested by
6 t.notretemps.com orthographe.notretemps.com
t.notretemps.com
fastly-a9fast-com.freetls.fastly.net
6 fastly-a9fast-com.freetls.fastly.net orthographe.notretemps.com
fastly-a9fast-com.freetls.fastly.net
5 www.notretemps.com orthographe.notretemps.com
www.notretemps.com
3 sdk.privacy-center.org orthographe.notretemps.com
sdk.privacy-center.org
3 www.wysistat.com orthographe.notretemps.com
www.wysistat.com
2 www.gymglish.com fastly-a9fast-com.freetls.fastly.net
2 orthographe.notretemps.com fastly-a9fast-com.freetls.fastly.net
1 pagead2.googlesyndication.com t.notretemps.com
1 sso.notretemps.com orthographe.notretemps.com
1 t.prod1.emailing.notretemps.com 1 redirects
35 10
Subject Issuer Validity Valid
orthographe.notretemps.com
R3		 2023-06-11 -
2023-09-09		 3 months crt.sh
notretemps.com
Amazon RSA 2048 M02		 2023-02-19 -
2024-03-19		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2023 Q1		 2023-02-05 -
2024-03-08		 a year crt.sh
sso.notretemps.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-01-08		 a year crt.sh
www.wysistat.com
Gandi Standard SSL CA 2		 2023-05-04 -
2024-05-29		 a year crt.sh
t.notretemps.com
Amazon RSA 2048 M02		 2023-07-11 -
2024-08-08		 a year crt.sh
*.privacy-center.org
Amazon RSA 2048 M02		 2023-03-25 -
2024-04-22		 a year crt.sh
gymglish.com
R3		 2023-06-17 -
2023-09-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://orthographe.notretemps.com/
Frame ID: 7D6F21DDBECADA3F72F8465C39FFFFA2
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cours de français orthographe et expression écrite avec Notretemps.com et Gymglish

Page URL History Show full URLs

  1. https://t.prod1.emailing.notretemps.com/r/?id=h75a7bc02,5f3b93b3,8001ac86 HTTP 302
    https://orthographe.notretemps.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

35
Requests

83 %
HTTPS

56 %
IPv6

6
Domains

10
Subdomains

9
IPs

4
Countries

982 kB
Transfer

3775 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.prod1.emailing.notretemps.com/r/?id=h75a7bc02,5f3b93b3,8001ac86 HTTP 302
    https://orthographe.notretemps.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
orthographe.notretemps.com/
Redirect Chain
  • https://t.prod1.emailing.notretemps.com/r/?id=h75a7bc02,5f3b93b3,8001ac86
  • https://orthographe.notretemps.com/
87 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://orthographe.notretemps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0b:440:1020:22::f898 , Germany, ASN39921 (DE-RACKSPACE Frankfurt, Germany, GB),
Reverse DNS
Software
Apache /
Resource Hash
ecef7483d116009bf69a8eb54c7436aee84be77a8c1bdce4d8cb6b1e2aba33fd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=600, public
content-encoding
gzip
content-length
17192
content-type
text/html; charset=utf-8
date
Sun, 06 Aug 2023 11:30:54 GMT
referrer-policy
same-origin
server
Apache
strict-transport-security
max-age=63072000
vary
X-A9-Content-Only,Host,Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

content-length
17
content-type
text/plain; charset=utf-8
date
Sun, 06 Aug 2023 11:30:54 GMT
location
https://orthographe.notretemps.com/
p3p
CP="CAO DSP COR CURa DEVa TAIa OUR BUS IND UNI COM NAV"
server
Apache
x-robots-tag
noindex
notretemps.css
www.notretemps.com/css/ 		280 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/css/notretemps.css?version=0.6.4
Requested by
Host: orthographe.notretemps.com
URL: https://orthographe.notretemps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-34.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
88537c796eaf8385c25ba27f3ee8cc20a7080f7eb7fe65c596fa6bde11c4327c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 08:02:45 GMT
content-encoding
gzip
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 07:59:13 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
358089
etag
W/"64ca0cd1-45e09"
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
quiz.notretemps.com
cache-control
max-age=31104000, public
x-amz-cf-id
rO_DrGi87uXNrcdnrFhwmNw6EM2mFQXNQnWHBI16NKDuP9nTInA-hg==
minimal.js
www.notretemps.com/js/ 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/js/minimal.js?version=0.6.4
Requested by
Host: orthographe.notretemps.com
URL: https://orthographe.notretemps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-34.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
4c842e097c4ce8e92fe984a7ad6311cf27126d43a0dd45502fb9d2c7d0609bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 08:02:44 GMT
content-encoding
gzip
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 07:59:13 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
358090
etag
W/"64ca0cd1-2d767"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
quiz.notretemps.com
cache-control
max-age=31104000, public
x-amz-cf-id
DTvyC5zxA3b2H4ToNu6_OUgRSpt5B1EpGeNv46FjQIFt4d89KuCodQ==
app.js
www.notretemps.com/js/ 		53 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/js/app.js?version=0.6.4
Requested by
Host: orthographe.notretemps.com
URL: https://orthographe.notretemps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-34.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
5a5f620806afabbc176d04ac3617d811316004f27f245ce6e81b5dc30c78592a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 08:02:44 GMT
content-encoding
gzip
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
last-modified
Wed, 02 Aug 2023 07:59:13 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
358090
etag
W/"64ca0cd1-d216"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
quiz.notretemps.com
cache-control
max-age=31104000, public
x-amz-cf-id
FUG7Jb1hTqa90G6Xd-yy4Bji8XP1IIjYXFlFHvvTtmmAWC1CydqZig==
icomoon.woff2
www.notretemps.com/fonts/ 		0
0
montserrat-latin.woff2
www.notretemps.com/fonts/ 		0
0
montserrat-bold-latin.woff2
www.notretemps.com/fonts/ 		0
0
opensans-latin.woff2
www.notretemps.com/fonts/ 		0
0
opensans-bold-latin.woff2
www.notretemps.com/fonts/ 		0
0
website-kiev-webpartner-8531c6f4672bcfc3da64ca2af8c5ec00.min.css
fastly-a9fast-com.freetls.fastly.net/static-s3/css/dist/ 		638 KB
78 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fastly-a9fast-com.freetls.fastly.net/static-s3/css/dist/website-kiev-webpartner-8531c6f4672bcfc3da64ca2af8c5ec00.min.css
Requested by
Host: orthographe.notretemps.com
URL: https://orthographe.notretemps.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
b33f7c0139091b46479be80e1afcedb36555cbb6690f257fa538e3f35759ca16

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 11:30:54 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
175049
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
79637
x-served-by
cache-fra-eddf8230073-FRA, cache-ams21054-AMS
last-modified
Fri, 04 Aug 2023 10:51:42 GMT
server
nginx/1.14.1
x-timer
S1691321455.602144,VS0,VE2
etag
W/"8531c6f4672bcfc3da64ca2af8c5ec00"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,Cache-Control,Content-Type,Content-Range,Range,Origin,Accept,Accept-Encoding
x-cache-hits
31, 1
keycloak.min.js
sso.notretemps.com/auth/js/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso.notretemps.com/auth/js/keycloak.min.js
Requested by
Host: orthographe.notretemps.com
URL: https://orthographe.notretemps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-86.ams50.r.cloudfront.net
Software
nginx /
Resource Hash
e8da39a835718cf509623f39398d0c9e18f049898c4af01615bac1d1385a0a3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 19:11:12 GMT
content-encoding
gzip
via
1.1 ec354e6d520d6c5c48f3933476169122.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
78728
x-cache
Hit from cloudfront
last-modified
Wed, 02 Feb 2022 19:41:07 GMT
server
nginx
etag
W/"61fade53-82cc"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, PATCH
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Authorization, X-Total-Count
access-control-allow-credentials
true
access-control-allow-headers
Connection, Accept, Content-Type, Content-length, Authorization, Origin, X-Api-Key, X-Requested-With, X-Orange-Alias
x-amz-cf-id
Tb6nAEFi7fc_-ckKNTDzNhConufij4Q58uAcPtRKf_22qikAJdow3A==
jquery-bs-588006d67e4d9f714827468d51981c22.min.js
fastly-a9fast-com.freetls.fastly.net/static-s3/js/dist/ 		699 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fastly-a9fast-com.freetls.fastly.net/static-s3/js/dist/jquery-bs-588006d67e4d9f714827468d51981c22.min.js
Requested by
Host: orthographe.notretemps.com
URL: https://orthographe.notretemps.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
1c7d71501b818e345e3c916f2e27268fb9f34531c5a16490e0116162f1860e1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 11:30:54 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
904414
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
179730
x-served-by
cache-fra-eddf8230045-FRA, cache-ams21054-AMS
last-modified
Wed, 22 Feb 2023 10:09:04 GMT
server
nginx/1.14.1
x-timer
S1691321455.602123,VS0,VE2
etag
W/"588006d67e4d9f714827468d51981c22"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,Cache-Control,Content-Type,Content-Range,Range,Origin,Accept,Accept-Encoding
x-cache-hits
1, 1
website-kiev-a7d2ad15e27df1820ba8f58141265b8b.min.js
fastly-a9fast-com.freetls.fastly.net/static-s3/js/dist/ 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fastly-a9fast-com.freetls.fastly.net/static-s3/js/dist/website-kiev-a7d2ad15e27df1820ba8f58141265b8b.min.js
Requested by
Host: orthographe.notretemps.com
URL: https://orthographe.notretemps.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
b2af084829cc22c7d1d46ef9f9d92387fcab3cf14af4a83a97e8dd9f31fa4fd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 11:30:54 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1564331
x-amz-server-side-encryption
AES256
x-cache
MISS, HIT
content-length
28180
x-served-by
cache-fra-eddf8230045-FRA, cache-ams21054-AMS
last-modified
Wed, 19 Jul 2023 08:57:49 GMT
server
nginx/1.14.1
x-timer
S1691321455.602097,VS0,VE2
etag
W/"a7d2ad15e27df1820ba8f58141265b8b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,Cache-Control,Content-Type,Content-Range,Range,Origin,Accept,Accept-Encoding
x-cache-hits
0, 1
ws.jsa
www.wysistat.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wysistat.com/ws.jsa
Requested by
Host: orthographe.notretemps.com
URL: https://orthographe.notretemps.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
92.243.23.24 , France, ASN203476 (GANDI-AS-2 Domain name registrar - www.gandi.net, FR),
Reverse DNS
xvm-23-24.dc0.ghst.net
Software
Apache/2.2.22 (Ubuntu) /
Resource Hash
8351e134b338dd61dcb0dc8a01844f731bb5ab8503371cf84cec49126b1e4456

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 06 Aug 2023 11:30:54 GMT
Last-Modified
Wed, 15 Dec 2021 10:02:33 GMT
Server
Apache/2.2.22 (Ubuntu)
ETag
"4005e-b5e-5d32c6791a58e"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2910
gtm.js
t.notretemps.com/ 		384 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.notretemps.com/gtm.js?id=GTM-KP37JNG
Requested by
Host: orthographe.notretemps.com
URL: https://orthographe.notretemps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:c800:a:9c85:8d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cf44916a87221080a677363773f6104c4a289a8b875fa4d6c8c98e28ddd4d297

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 11:30:54 GMT
content-encoding
gzip
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
last-modified
Sun, 06 Aug 2023 09:00:00 GMT
server
nginx
x-amz-cf-pop
FRA56-P3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=900
x-amz-cf-id
ylj4mdwp4oukG2ZHag0cepssbYms6fUHCi21cHo0KxhMXHrhODbk2Q==
expires
Sun, 06 Aug 2023 11:45:41 GMT
gtm.js
t.notretemps.com/ 		372 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.notretemps.com/gtm.js?id=GTM-PQ9M68D
Requested by
Host: orthographe.notretemps.com
URL: https://orthographe.notretemps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:c800:a:9c85:8d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ba52474baccf924c2113e619b1fa4b32334d6330b37eb3e5704949325dc01082

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 11:30:54 GMT
content-encoding
gzip
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
last-modified
Sun, 06 Aug 2023 09:00:00 GMT
server
nginx
x-amz-cf-pop
FRA56-P3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=900
x-amz-cf-id
AaXRtrXWU2e2Zdo58K3Y_wfjLfhVGb8mBRb2KB6GhjI0YS_k1XqSBQ==
expires
Sun, 06 Aug 2023 11:45:26 GMT
icomoon.woff2
www.notretemps.com/fonts/ 		0
0
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fastly-a9fast-com.freetls.fastly.net/static-s3/css/dist/fonts/gfonts/OpenSans/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fastly-a9fast-com.freetls.fastly.net/static-s3/css/dist/fonts/gfonts/OpenSans/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fastly-a9fast-com.freetls.fastly.net
URL: https://fastly-a9fast-com.freetls.fastly.net/static-s3/css/dist/website-kiev-webpartner-8531c6f4672bcfc3da64ca2af8c5ec00.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Request headers

Referer
https://fastly-a9fast-com.freetls.fastly.net/static-s3/css/dist/website-kiev-webpartner-8531c6f4672bcfc3da64ca2af8c5ec00.min.css
Origin
https://orthographe.notretemps.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 11:30:54 GMT
via
1.1 varnish, 1.1 varnish
age
1681667
x-cache
HIT, HIT
content-length
16740
x-served-by
cache-fra-eddf8230103-FRA, cache-ams21073-AMS
last-modified
Fri, 04 Nov 2022 10:46:36 GMT
server
nginx/1.14.1
x-timer
S1691321455.850351,VS0,VE0
etag
"e43b535855a4ae53bd5b07a6eeb3bf67"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,Cache-Control,Content-Type,Content-Range,Range,Origin,Accept,Accept-Encoding
x-cache-hits
35908, 3
SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI9_.woff2
fastly-a9fast-com.freetls.fastly.net/static-s3/css/dist/fonts/gfonts/EBGaramond/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fastly-a9fast-com.freetls.fastly.net/static-s3/css/dist/fonts/gfonts/EBGaramond/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI9_.woff2
Requested by
Host: fastly-a9fast-com.freetls.fastly.net
URL: https://fastly-a9fast-com.freetls.fastly.net/static-s3/css/dist/website-kiev-webpartner-8531c6f4672bcfc3da64ca2af8c5ec00.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
142d7e873b9d8d550b53e6e55bac7a11ed1f2c0aa5e2d49966cde5ce3c00faec

Request headers

Referer
https://fastly-a9fast-com.freetls.fastly.net/static-s3/css/dist/website-kiev-webpartner-8531c6f4672bcfc3da64ca2af8c5ec00.min.css
Origin
https://orthographe.notretemps.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 11:30:54 GMT
via
1.1 varnish, 1.1 varnish
age
1772866
x-cache
HIT, HIT
content-length
20512
x-served-by
cache-fra-eddf8230127-FRA, cache-ams21073-AMS
last-modified
Tue, 08 Nov 2022 10:06:58 GMT
server
nginx/1.14.1
x-timer
S1691321455.850328,VS0,VE0
etag
"b9d3155a4e574f9e56b2fca21703bb4f"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,Cache-Control,Content-Type,Content-Range,Range,Origin,Accept,Accept-Encoding
x-cache-hits
206, 3
logo.svg
www.notretemps.com/images/notretemps/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.notretemps.com/images/notretemps/logo.svg
Requested by
Host: orthographe.notretemps.com
URL: https://orthographe.notretemps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-34.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
11a4e3762b6df9db7ae00faf0ba1748ae3e5d04b26391fd7bb12454ba8f0dadd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 05:27:15 GMT
content-encoding
gzip
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jul 2023 12:18:20 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
1490619
etag
W/"64b7d48c-bd4"
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
quiz.notretemps.com
cache-control
max-age=31104000, public
x-amz-cf-id
LIEgCCqTdK0FxUYcc8ShpbqepyBS9NFqmuHkrKO_yWLCDOMzSMcy-g==
ftqOrtho_frame_495x650px_landscape.png.__a9webp__.webp
fastly-a9fast-com.freetls.fastly.net/www.gymglish.com/static/images/site/product-frames/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fastly-a9fast-com.freetls.fastly.net/www.gymglish.com/static/images/site/product-frames/ftqOrtho_frame_495x650px_landscape.png.__a9webp__.webp?w=224
Requested by
Host: orthographe.notretemps.com
URL: https://orthographe.notretemps.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::591 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
0434e0ac4e998b680073143a10cfe294efca7fc93d7b6f2553be27e5cd42e050

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 11:30:54 GMT
via
1.1 varnish, 1.1 varnish
age
1654466
x-cache
HIT, HIT
x-compression-rate
1.00
content-length
54571
x-served-by
cache-fra-eddf8230136-FRA, cache-ams21054-AMS
server
nginx/1.14.1
x-timer
S1691321455.890013,VS0,VE1
etag
W/"231431-4053550950"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,Cache-Control,Content-Type,Content-Range,Range,Origin,Accept,Accept-Encoding
x-cache-hits
33, 1
loader.js
sdk.privacy-center.org/62d49a58-db6d-4c51-8765-ffeab500ecb9/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/62d49a58-db6d-4c51-8765-ffeab500ecb9/loader.js?target=orthographe.notretemps.com
Requested by
Host: orthographe.notretemps.com
URL: https://orthographe.notretemps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:5a00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
294bdb22e4cb17d6e80da4a63e1812d9ea9fb5396a150c534d68b6350a7bcbf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 11:30:55 GMT
content-encoding
gzip
via
1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-didomi-remote-config-source
Lambda
server
CloudFront
x-amz-cf-pop
FRA56-P5
etag
"ae6d1a03e3c03e4c823fc58e28eb65e5"
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200, public
content-length
5226
x-amz-cf-id
-92f8P2kTmGczuHW6fk2EvHlz3lkCZqtyFOJiDydryWQiOQ8aqs9fA==
geoip-countrycode
www.gymglish.com/api/website/1/ 		2 B
39 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gymglish.com/api/website/1/geoip-countrycode
Requested by
Host: fastly-a9fast-com.freetls.fastly.net
URL: https://fastly-a9fast-com.freetls.fastly.net/static-s3/js/dist/jquery-bs-588006d67e4d9f714827468d51981c22.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0b:440:1020:22::f898 , Germany, ASN39921 (DE-RACKSPACE Frankfurt, Germany, GB),
Reverse DNS
Software
Apache /
Resource Hash
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 11:30:55 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
referrer-policy
same-origin
server
Apache
vary
Accept-Language,Host,Origin
access-control-allow-methods
POST, GET, PUT
content-language
de
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://orthographe.notretemps.com
cache-control
max-age=3600, private
access-control-allow-credentials
true
x-frame-options
DENY
content-length
2
x-xss-protection
1; mode=block
geoip-countrycode
www.gymglish.com/api/website/1/ 		2 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gymglish.com/api/website/1/geoip-countrycode
Requested by
Host: fastly-a9fast-com.freetls.fastly.net
URL: https://fastly-a9fast-com.freetls.fastly.net/static-s3/js/dist/jquery-bs-588006d67e4d9f714827468d51981c22.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0b:440:1020:22::f898 , Germany, ASN39921 (DE-RACKSPACE Frankfurt, Germany, GB),
Reverse DNS
Software
Apache /
Resource Hash
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 11:30:55 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
referrer-policy
same-origin
server
Apache
vary
Accept-Language,Host,Origin
access-control-allow-methods
POST, GET, PUT
content-language
de
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://orthographe.notretemps.com
cache-control
max-age=3600, private
access-control-allow-credentials
true
x-frame-options
DENY
content-length
2
x-xss-protection
1; mode=block
statistique.js
www.wysistat.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wysistat.com/statistique.js
Requested by
Host: www.wysistat.com
URL: https://www.wysistat.com/ws.jsa
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
92.243.23.24 , France, ASN203476 (GANDI-AS-2 Domain name registrar - www.gandi.net, FR),
Reverse DNS
xvm-23-24.dc0.ghst.net
Software
Apache/2.2.22 (Ubuntu) / PHP/5.4.6-1ubuntu1.5
Resource Hash
662b25f13ac440a28e31ed0b909d64f8e0ade97b9d9c2b123e1485c091fe21e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 06 Aug 2023 11:30:54 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Mar 2023 13:24:11 GMT
Server
Apache/2.2.22 (Ubuntu)
X-Powered-By
PHP/5.4.6-1ubuntu1.5
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=ISO8859-15
Cache-Control
public, max-age=129600, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
2355
keycloak.json
orthographe.notretemps.com/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://orthographe.notretemps.com/keycloak.json
Requested by
Host: fastly-a9fast-com.freetls.fastly.net
URL: https://fastly-a9fast-com.freetls.fastly.net/static-s3/js/dist/jquery-bs-588006d67e4d9f714827468d51981c22.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a0b:440:1020:22::f898 , Germany, ASN39921 (DE-RACKSPACE Frankfurt, Germany, GB),
Reverse DNS
Software
Apache /
Resource Hash
80374a02a86fa14f1980d009d3deadb2588e50fb46b2a3af7cb73b5990c94b68
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://orthographe.notretemps.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 11:30:54 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
referrer-policy
same-origin
server
Apache
vary
Host
x-frame-options
DENY
content-type
text/html; charset=utf-8
content-length
2618
x-xss-protection
1; mode=block
truncated
/ 		470 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9055f366a3f6bc02f14b8d3f8f25e889ca9c67ed60a6e8eeb36168b27ecfe1fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
compteur.php
www.wysistat.com/images/notretemps/ 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wysistat.com/images/notretemps/compteur.php?nom=notretemps&tps=5430&ecran=1600x1200&origine=&origine_force=&frame=0&ParaWysistat=0&CompteurExtranet=0&consent=0&event=&ParaPage=0&ParaProfiling=0&ParaCompte=0&ParaRoi=0&ojd_version=2&cookie=1&deja_cookie=0&id=0.7172996466760098_1691321454990&id_int=0.7172996466760098_1691321454990&compteur_mois=1&compteur_jour=1&deja_id=0&vu_diff_jour=0&vu_time_prec=1691321454&page_js=https%3A//orthographe.notretemps.com/
Requested by
Host: orthographe.notretemps.com
URL: https://orthographe.notretemps.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
92.243.23.24 , France, ASN203476 (GANDI-AS-2 Domain name registrar - www.gandi.net, FR),
Reverse DNS
xvm-23-24.dc0.ghst.net
Software
Apache/2.2.22 (Ubuntu) / PHP/5.4.6-1ubuntu1.5
Resource Hash
872ffa9dc91dfe681b9be82cbb41cbcdc0985e77ab27e1583e38d84e1543cb74

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 06 Aug 2023 11:30:55 GMT
Server
Apache/2.2.22 (Ubuntu)
Connection
Keep-Alive
X-Powered-By
PHP/5.4.6-1ubuntu1.5
Content-Length
43
Keep-Alive
timeout=5, max=98
Content-Type
image/gif
sdk.b3b080b431a241aece42ba21a0c0e0c039b958e1.js
sdk.privacy-center.org/sdk/b3b080b431a241aece42ba21a0c0e0c039b958e1/modern/ 		320 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/b3b080b431a241aece42ba21a0c0e0c039b958e1/modern/sdk.b3b080b431a241aece42ba21a0c0e0c039b958e1.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/62d49a58-db6d-4c51-8765-ffeab500ecb9/loader.js?target=orthographe.notretemps.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:5a00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a0db36ce9cca3d8b6e866180c516a12b515b40a0db13dca2764ca9ad1c36a31

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 17:13:54 GMT
content-encoding
gzip
via
1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
last-modified
Fri, 04 Aug 2023 16:59:51 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1691168038/ctime:1691168038/gid:0/gname:root/md5:02e574e0d1c0ab4b40e52254ed6030f7/mode:33188/mtime:1691168038/uid:0/uname:root
x-amz-cf-pop
FRA56-P5
age
152222
etag
W/"02e574e0d1c0ab4b40e52254ed6030f7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
uky0k5loDT1eROqHjUM8nzrJCILLVoVmPT_WR54qyC_VuvCPoIcnBw==
ui-gdpr-en-web.b3b080b431a241aece42ba21a0c0e0c039b958e1.js
sdk.privacy-center.org/sdk/b3b080b431a241aece42ba21a0c0e0c039b958e1/modern/ 		227 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk/b3b080b431a241aece42ba21a0c0e0c039b958e1/modern/ui-gdpr-en-web.b3b080b431a241aece42ba21a0c0e0c039b958e1.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk/b3b080b431a241aece42ba21a0c0e0c039b958e1/modern/sdk.b3b080b431a241aece42ba21a0c0e0c039b958e1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:5a00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81bab9860844cd89afb865a9b48ff183bdc60fda536fb8f0dc21539c8d4f952a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 17:13:56 GMT
content-encoding
gzip
via
1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
last-modified
Fri, 04 Aug 2023 17:00:13 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1691168038/ctime:1691168038/gid:0/gname:root/md5:d9cdf5a4c9a649250847e1833ad261f2/mode:33188/mtime:1691168038/uid:0/uname:root
x-amz-cf-pop
FRA56-P5
age
152220
etag
W/"d9cdf5a4c9a649250847e1833ad261f2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
3DhnTsGAR46-xqMPnUD5Af3DHhFg-vGsuF9GiDLE5VhLAO-S_1lJ7A==
analytics.js
t.notretemps.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.notretemps.com/analytics.js
Requested by
Host: t.notretemps.com
URL: https://t.notretemps.com/gtm.js?id=GTM-PQ9M68D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:c800:a:9c85:8d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 10:05:43 GMT
content-encoding
gzip
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
nginx
x-amz-cf-pop
FRA56-P3
age
5121
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=7200
x-amz-cf-id
Jo-Ct5afPkhr7tMDJ4slmAUhqVLedT-jauLn7tLxrgEVl9ZT3Js8Ww==
expires
Sun, 06 Aug 2023 12:05:34 GMT
landing
pagead2.googlesyndication.com/pagead/ 		42 B
455 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=G100&rnd=530040113.1691321455&url=https%3A%2F%2Forthographe.notretemps.com%2F&gtm=45Fe3820n81KP37JNG
Requested by
Host: t.notretemps.com
URL: https://t.notretemps.com/gtm.js?id=GTM-KP37JNG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Aug 2023 11:30:55 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo.svg
www.notretemps.com/images/notretemps/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.notretemps.com/images/notretemps/logo.svg
Requested by
Host: orthographe.notretemps.com
URL: https://orthographe.notretemps.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-34.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
11a4e3762b6df9db7ae00faf0ba1748ae3e5d04b26391fd7bb12454ba8f0dadd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 05:27:15 GMT
content-encoding
gzip
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jul 2023 12:18:20 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
1490620
etag
W/"64b7d48c-bd4"
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
quiz.notretemps.com
cache-control
max-age=31104000, public
x-amz-cf-id
k93Hs6CNY3LcyKd_Y0p_8Q1xYi6nshcwS9eKLDibHdG0p1A01tB36w==
js
t.notretemps.com/gtag/ 		245 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.notretemps.com/gtag/js?id=G-1KYSRH2EDD&l=dataLayer&cx=c&sign=5df63c11a153ba42009014864a44dadda28068052dd3616e2353298f06d97282_20230806
Requested by
Host: t.notretemps.com
URL: https://t.notretemps.com/gtm.js?id=GTM-KP37JNG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:c800:a:9c85:8d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bee849d68d0d9d6375de712ddb82d96f7aff14667a53e7152b5aff0d43eadcd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 11:30:55 GMT
content-encoding
gzip
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=900
x-amz-cf-id
Q9XAGsy8rlnRYsDvRmLwQDm0zCn31h0uzxmIukUO1ZGtRnfRDw6w1Q==
expires
Sun, 06 Aug 2023 11:45:34 GMT
linkid.js
t.notretemps.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.notretemps.com/plugins/ua/linkid.js
Requested by
Host: t.notretemps.com
URL: https://t.notretemps.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:c800:a:9c85:8d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 10:59:34 GMT
content-encoding
gzip
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
nginx
x-amz-cf-pop
FRA56-P3
age
1882
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=3600
x-amz-cf-id
tHxwFxaYwon576MEkEi8dO40Gcj_oe6s61voI4RGduEAOalrcwJxUQ==
expires
Sun, 06 Aug 2023 11:59:33 GMT
collect
t.notretemps.com/g/ 		65 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.notretemps.com/g/collect?v=2&tid=G-1KYSRH2EDD&gtm=45he3820&_p=584762604&gcs=G100&gdid=dMTc4Zm&cid=729748422.1691321456&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=&sst.rnd=530040113.1691321455&sst.ngs=1&sst.gcd=G100&_s=1&dl=https%3A%2F%2Forthographe.notretemps.com%2F&sid=1691321455&sct=1&seg=0&dt=&en=didomi_view&_fv=1&_ss=1&ep.page_hostname=orthographe.notretemps.com&ep.gtm_container_id=GTM-KP37JNG&ep.h1=6%20H1%20%3A%20Oops!&ep.canonical=null&ep.browser_size=1600*1200&ep.bayard_source=(direct)&ep.bayard_medium=(none)&ep.bayard_campaign=(not%20set)&ep.page_fragment=&epn.pageload_id=5086293949&ep.gtm_container_version=795&richsstsse
Requested by
Host: fastly-a9fast-com.freetls.fastly.net
URL: https://fastly-a9fast-com.freetls.fastly.net/static-s3/js/dist/jquery-bs-588006d67e4d9f714827468d51981c22.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:c800:a:9c85:8d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 11:30:55 GMT
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
x-content-type-options
nosniff
server
nginx
x-amz-cf-pop
FRA56-P3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/plain
access-control-allow-origin
https://orthographe.notretemps.com
cache-control
no-cache
access-control-allow-credentials
true
x-amz-cf-id
WcRB7e9WiFBE0XXtbaJCdE9FkyfkqwTIx-6dzGP09MCZnwbV3JSXZw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.notretemps.com
URL
https://www.notretemps.com/fonts/icomoon.woff2
Domain
www.notretemps.com
URL
https://www.notretemps.com/fonts/montserrat-latin.woff2
Domain
www.notretemps.com
URL
https://www.notretemps.com/fonts/montserrat-bold-latin.woff2
Domain
www.notretemps.com
URL
https://www.notretemps.com/fonts/opensans-latin.woff2
Domain
www.notretemps.com
URL
https://www.notretemps.com/fonts/opensans-bold-latin.woff2
Domain
www.notretemps.com
URL
https://www.notretemps.com/fonts/icomoon.woff2?i=0

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| getCleanTrackingUrl object| dataLayer object| _wsq object| a9CookieContentOptions function| sha256 function| sha224 object| base64js function| Keycloak function| jQuery function| $ object| debounce object| Cookies number| uidEvent object| bootstrap object| hostnameRegex object| conf function| Popper object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley function| ClipboardJS object| Raven object| lazySizesConfig object| lazySizes function| iFrameResize object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer function| SearchIndex function| Bloodhound function| a9jQuery object| a9 object| a9CookieBanner object| didomiOnReady object| didomiEventListeners boolean| gdprAppliesGlobally function| __tcfapi function| trim function| _wysistat function| _setNom function| _setFrame function| _setParaWysistat function| _setCompteurExtranet function| _setParaPage function| _setPage function| _setParaRoi function| _setParaProfiling function| _setParaCompte function| _setConsentCookie function| _setEvent function| _reset function| _wstopn function| _setAccount function| _setTag function| _setID object| wsq object| wst string| v number| wsdjid number| wsvudj string| wsref string| wscli number| wspage number| wsprof number| wscpt number| wscook string| wsecr number| wsdjcook function| stat function| wysistat function| ws_getScreenSize function| ws_retVide function| ws_writeCook function| ws_readCook function| ws_majCook function| ws_isCookAccept function| storageAvailable function| ws_getConsent number| valeur number| wysi number| wsconsent object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data number| bayard_first_visit_ga object| itemsToKeep function| getCookieValue function| deleteCookie function| areAllVendorsAndPurposesDisabled number| consentEventsCount undefined| existingConsentString function| onYouTubeIframeAPIReady object| didomiRemoteConfig string| didomiCountry object| didomiGeoRegulations object| webpackChunkDidomi object| Didomi object| DidomiSanitizing object| googletag object| adsbygoogle object| didomiState string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| _ga_originalSendHitTask

10 Cookies

Domain/Path Name / Value
.notretemps.com/ Name: AMCV_551310525D816F350A495C48%40AdobeOrg
Value: MCMID%7C53277583591792967672359041779812007935
.notretemps.com/ Name: nlid
Value: 75a7bc02|5f3b93b3
.notretemps.com/ Name: nllastdelid
Value: 5f3b93b3
orthographe.notretemps.com/ Name: registeredfrom
Value: NOTRETEMPS_GS_HOME
orthographe.notretemps.com/ Name: Wysistat
Value: 0.7172996466760098_1691321454990%C2%A71%C2%A71691321454990%C2%A71%C2%A71691321454%C2%A70.7172996466760098_1691321454990%C2%A71725449454990
.notretemps.com/ Name: __utmzz
Value: utmcsr=(direct)|utmcmd=(none)|utmccn=(not set)
.notretemps.com/ Name: __utmzzses
Value: 1
.notretemps.com/ Name: __utmzzfirst
Value: utmcsr=(direct)|utmcmd=(none)|utmccn=(not set)
.notretemps.com/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMTg5Y2E5ZDUtMjlmMS02MzY5LWJkNGQtODNmY2ZjZWZkNmY5IiwiY3JlYXRlZCI6IjIwMjMtMDgtMDZUMTE6MzA6NTUuMzEzWiIsInVwZGF0ZWQiOiIyMDIzLTA4LTA2VDExOjMwOjU1LjMxM1oiLCJ2ZXJzaW9uIjpudWxsfQ==
t.notretemps.com/ Name: bayard_cid
Value: 70135933678*1691321455852

15 Console Messages

Source Level URL
Text
javascript error URL: https://orthographe.notretemps.com/
Message:
Access to font at 'https://www.notretemps.com/fonts/icomoon.woff2' from origin 'https://orthographe.notretemps.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'quiz.notretemps.com'.
network error URL: https://www.notretemps.com/fonts/icomoon.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://orthographe.notretemps.com/
Message:
Access to font at 'https://www.notretemps.com/fonts/montserrat-latin.woff2' from origin 'https://orthographe.notretemps.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'quiz.notretemps.com'.
network error URL: https://www.notretemps.com/fonts/montserrat-latin.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://orthographe.notretemps.com/
Message:
Access to font at 'https://www.notretemps.com/fonts/montserrat-bold-latin.woff2' from origin 'https://orthographe.notretemps.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'quiz.notretemps.com'.
network error URL: https://www.notretemps.com/fonts/montserrat-bold-latin.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://orthographe.notretemps.com/
Message:
Access to font at 'https://www.notretemps.com/fonts/opensans-latin.woff2' from origin 'https://orthographe.notretemps.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'quiz.notretemps.com'.
network error URL: https://www.notretemps.com/fonts/opensans-latin.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://orthographe.notretemps.com/
Message:
Access to font at 'https://www.notretemps.com/fonts/opensans-bold-latin.woff2' from origin 'https://orthographe.notretemps.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'quiz.notretemps.com'.
network error URL: https://www.notretemps.com/fonts/opensans-bold-latin.woff2
Message:
Failed to load resource: net::ERR_FAILED
network error
Message:
A bad HTTP response code (404) was received when fetching the script.
javascript error URL: https://orthographe.notretemps.com/(Line 2161)
Message:
Access to font at 'https://www.notretemps.com/fonts/icomoon.woff2?i=0' from origin 'https://orthographe.notretemps.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'quiz.notretemps.com'.
network error URL: https://www.notretemps.com/fonts/icomoon.woff2?i=0
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://orthographe.notretemps.com/keycloak.json
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://orthographe.notretemps.com/
Message:
The resource https://www.notretemps.com/fonts/icomoon.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fastly-a9fast-com.freetls.fastly.net
orthographe.notretemps.com
pagead2.googlesyndication.com
sdk.privacy-center.org
sso.notretemps.com
t.notretemps.com
t.prod1.emailing.notretemps.com
www.gymglish.com
www.notretemps.com
www.wysistat.com
www.notretemps.com
2600:9000:223d:c800:a:9c85:8d80:93a1
2600:9000:223f:5a00:5:b7cc:d3c0:93a1
2a00:1450:4001:827::2002
2a04:4e42:200::591
2a0b:440:1020:22::f898
52.222.139.86
54.220.123.91
65.9.66.34
92.243.23.24
0434e0ac4e998b680073143a10cfe294efca7fc93d7b6f2553be27e5cd42e050
11a4e3762b6df9db7ae00faf0ba1748ae3e5d04b26391fd7bb12454ba8f0dadd
142d7e873b9d8d550b53e6e55bac7a11ed1f2c0aa5e2d49966cde5ce3c00faec
1c7d71501b818e345e3c916f2e27268fb9f34531c5a16490e0116162f1860e1e
294bdb22e4cb17d6e80da4a63e1812d9ea9fb5396a150c534d68b6350a7bcbf4
4c842e097c4ce8e92fe984a7ad6311cf27126d43a0dd45502fb9d2c7d0609bb2
5a5f620806afabbc176d04ac3617d811316004f27f245ce6e81b5dc30c78592a
662b25f13ac440a28e31ed0b909d64f8e0ade97b9d9c2b123e1485c091fe21e4
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
7a0db36ce9cca3d8b6e866180c516a12b515b40a0db13dca2764ca9ad1c36a31
80374a02a86fa14f1980d009d3deadb2588e50fb46b2a3af7cb73b5990c94b68
81bab9860844cd89afb865a9b48ff183bdc60fda536fb8f0dc21539c8d4f952a
8351e134b338dd61dcb0dc8a01844f731bb5ab8503371cf84cec49126b1e4456
872ffa9dc91dfe681b9be82cbb41cbcdc0985e77ab27e1583e38d84e1543cb74
88537c796eaf8385c25ba27f3ee8cc20a7080f7eb7fe65c596fa6bde11c4327c
9055f366a3f6bc02f14b8d3f8f25e889ca9c67ed60a6e8eeb36168b27ecfe1fe
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
b2af084829cc22c7d1d46ef9f9d92387fcab3cf14af4a83a97e8dd9f31fa4fd7
b33f7c0139091b46479be80e1afcedb36555cbb6690f257fa538e3f35759ca16
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
ba52474baccf924c2113e619b1fa4b32334d6330b37eb3e5704949325dc01082
bee849d68d0d9d6375de712ddb82d96f7aff14667a53e7152b5aff0d43eadcd4
cf44916a87221080a677363773f6104c4a289a8b875fa4d6c8c98e28ddd4d297
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e8da39a835718cf509623f39398d0c9e18f049898c4af01615bac1d1385a0a3a
ecef7483d116009bf69a8eb54c7436aee84be77a8c1bdce4d8cb6b1e2aba33fd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629