urlscan.io logo urlscan.io
SecurityTrails logo

www.notretemps.com Open in urlscan Pro
65.9.66.39  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.prod1.emailing.notretemps.com/r/?id=h4b30022b,5d7ea48b,7ff595d0&p1=NLNTE_EditoAll_133-1724-221013&p2=13-10-2022&p3=Optin_NTEEd...
Effective URL: https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-2210...
Submission: On October 13 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 10 domains to perform 57 HTTP transactions. The main IP is 65.9.66.39, located in United States and belongs to AMAZON-02, US. The main domain is www.notretemps.com. The Cisco Umbrella rank of the primary domain is 403462.
TLS certificate: Issued by Amazon on March 21st 2022. Valid for: a year.
This is the only time www.notretemps.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.77.189.250 16509 (AMAZON-02)
18 65.9.66.39 16509 (AMAZON-02)
3 143.204.89.17 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:214... 16509 (AMAZON-02)
2 99.86.4.84 16509 (AMAZON-02)
3 95.142.164.50 203476 (GANDI-AS-...)
2 34.107.143.101 396982 (GOOGLE-CL...)
3 46.105.200.165 16276 (OVH)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 54.38.250.4 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
57 16
1    54.77.189.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-189-250.eu-west-1.compute.amazonaws.com
t.prod1.emailing.notretemps.com
18    65.9.66.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-39.fra56.r.cloudfront.net
www.notretemps.com
3    143.204.89.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-17.fra50.r.cloudfront.net
sso.notretemps.com
4    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2600:9000:214f:4a00:5:b7cc:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
sdk.privacy-center.org
2    99.86.4.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-84.fra6.r.cloudfront.net
try.abtasty.com
3    95.142.164.50 (France)

ASN203476 (GANDI-AS-2 Domain name registrar - www.gandi.net, FR)
PTR: xvm-164-50.ghst.net
www.wysistat.com
2    34.107.143.101 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 101.143.107.34.bc.googleusercontent.com
dcinfos-cache.abtasty.com
3    46.105.200.165 (France)

ASN16276 (OVH, FR)
static.qiota.com
3    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    54.38.250.4 (France)

ASN16276 (OVH, FR)
www.qiota.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
22 notretemps.com
t.prod1.emailing.notretemps.com
www.notretemps.com — Cisco Umbrella Rank: 403462
sso.notretemps.com
306 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
373 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
region1.google-analytics.com — Cisco Umbrella Rank: 2144
21 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 129
377 KB
4 qiota.com
static.qiota.com — Cisco Umbrella Rank: 190850
www.qiota.com — Cisco Umbrella Rank: 203890
stats.qiota.com Failed
38 KB
4 abtasty.com
try.abtasty.com — Cisco Umbrella Rank: 10495
dcinfos-cache.abtasty.com — Cisco Umbrella Rank: 12657
84 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 19
42 KB
3 wysistat.com
www.wysistat.com — Cisco Umbrella Rank: 104764
6 KB
3 privacy-center.org
sdk.privacy-center.org — Cisco Umbrella Rank: 5660
156 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
548 B
57 10
Domain Requested by
18 www.notretemps.com www.notretemps.com
sso.notretemps.com
5 www.googletagmanager.com www.notretemps.com
www.googletagmanager.com
static.qiota.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com www.notretemps.com
www.gstatic.com
www.google.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 static.qiota.com www.notretemps.com
static.qiota.com
3 www.wysistat.com www.notretemps.com
www.wysistat.com
3 sdk.privacy-center.org www.notretemps.com
sdk.privacy-center.org
3 sso.notretemps.com www.notretemps.com
sso.notretemps.com
2 fonts.gstatic.com www.google.com
2 region1.google-analytics.com www.googletagmanager.com
2 dcinfos-cache.abtasty.com try.abtasty.com
2 try.abtasty.com www.googletagmanager.com
try.abtasty.com
1 www.qiota.com static.qiota.com
1 pagead2.googlesyndication.com www.googletagmanager.com
1 t.prod1.emailing.notretemps.com 1 redirects
0 stats.qiota.com Failed static.qiota.com
57 17

This site contains links to these domains. Also see Links.

Domain
forms.bayard.io
www.groupebayard.com
Subject Issuer Validity Valid
notretemps.com
Amazon		 2022-03-21 -
2023-04-19		 a year crt.sh
sso.notretemps.com
Amazon		 2022-01-10 -
2023-02-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.privacy-center.org
Amazon		 2022-04-09 -
2023-05-08		 a year crt.sh
try.abtasty.com
Amazon		 2022-06-27 -
2023-07-26		 a year crt.sh
www.wysistat.com
Gandi Standard SSL CA 2		 2022-05-02 -
2023-06-02		 a year crt.sh
dcinfos-cache.abtasty.com
R3		 2022-09-10 -
2022-12-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.qiota.com
Thawte RSA CA 2018		 2022-03-03 -
2023-04-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Frame ID: 61A8F0F02E747D2A8B71C887CEAA050F
Requests: 46 HTTP requests in this frame

Frame: https://sso.notretemps.com/auth/realms/bayard/protocol/openid-connect/login-status-iframe.html
Frame ID: 627A81471C391EE5030847B6B6BE245F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfw3r0UAAAAAA6URsRpLi5VQZ1ePBcf7JqaoJIH&co=aHR0cHM6Ly93d3cubm90cmV0ZW1wcy5jb206NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=35eb35ca1fs
Frame ID: 33277634DAF16C5D7CC4959C58D55616
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mes newsletters

Page URL History Show full URLs

  1. https://t.prod1.emailing.notretemps.com/r/?id=h4b30022b,5d7ea48b,7ff595d0&p1=NLNTE_EditoAll_133-1724-221013&p2=13-10... HTTP 302
    https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_Ed... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

57
Requests

98 %
HTTPS

50 %
IPv6

10
Domains

17
Subdomains

16
IPs

4
Countries

1403 kB
Transfer

4107 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.prod1.emailing.notretemps.com/r/?id=h4b30022b,5d7ea48b,7ff595d0&p1=NLNTE_EditoAll_133-1724-221013&p2=13-10-2022&p3=Optin_NTEEdito&p4= HTTP 302
    https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mes-newsletters
www.notretemps.com/
Redirect Chain
  • https://t.prod1.emailing.notretemps.com/r/?id=h4b30022b,5d7ea48b,7ff595d0&p1=NLNTE_EditoAll_133-1724-221013&p2=13-10-2022&p3=Optin_NTEEdito&p4=
  • https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
15 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
6d1d084b8f2f8cfb6f6dd1920181f93ab85c5dcdfb7299c65a7cd95e88a44161
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 13 Oct 2022 05:25:54 GMT
server
nginx
strict-transport-security
max-age=31536000
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
x-amz-cf-id
ncpJIG496OUbvvYDRHjGKasWZeVOaaenWOK1EGwt3BlUjLhix-5k6A==
x-amz-cf-pop
FRA56-C1
x-backend
notretempsc202.cs.bayard.local
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

content-length
17
content-type
text/plain; charset=utf-8
date
Thu, 13 Oct 2022 05:25:53 GMT
location
https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
p3p
CP="CAO DSP COR CURa DEVa TAIa OUR BUS IND UNI COM NAV"
server
Apache
x-robots-tag
noindex
notretemps.css
www.notretemps.com/css/ 		272 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/css/notretemps.css?version=0.3.529
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
fbed2a9e8de4d748ef726e29bad24d1ba8d41774ecdcc611c525c91465f85149

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:04:40 GMT
content-encoding
gzip
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified
Wed, 12 Oct 2022 12:52:15 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
58874
etag
W/"6346b87f-441e7"
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
quiz.notretemps.com
cache-control
max-age=31104000, public
x-amz-cf-id
OkPLoO1JXDQV0Ckd1sbWXEMksT4iVWeqWvpEGzab7JPKUmDnyHsfOw==
icomoon.woff2
www.notretemps.com/fonts/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/fonts/icomoon.woff2
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
ab2613b36908ae0af18b72a551d16dc2abecdfcb56905d46d16812e7bc2fc40c

Request headers

Referer
https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Origin
https://www.notretemps.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 23:08:42 GMT
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified
Fri, 23 Sep 2022 08:57:43 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
1664232
etag
"632d7507-2464"
x-cache
Hit from cloudfront
content-type
application/font-woff2
access-control-allow-origin
quiz.notretemps.com
cache-control
max-age=31104000, public
accept-ranges
bytes
content-length
9316
x-amz-cf-id
b6aGv4IG_xl2tlJTzBaXCs-CCxIT8gyaARxti-B5SgVO5rDgIy773A==
montserrat-latin.woff2
www.notretemps.com/fonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/fonts/montserrat-latin.woff2
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Request headers

Referer
https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Origin
https://www.notretemps.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 19:04:28 GMT
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified
Fri, 23 Sep 2022 08:57:43 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
1678886
etag
"632d7507-358c"
x-cache
Hit from cloudfront
content-type
application/font-woff2
access-control-allow-origin
quiz.notretemps.com
cache-control
max-age=31104000, public
accept-ranges
bytes
content-length
13708
x-amz-cf-id
QzcALZlxDMf_dShM3UpYyNYlFTK4zxhszjDZnhULwB7ZCPg8GHyaFg==
montserrat-bold-latin.woff2
www.notretemps.com/fonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/fonts/montserrat-bold-latin.woff2
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Request headers

Referer
https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Origin
https://www.notretemps.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:41:29 GMT
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 15:09:00 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
3426264
etag
"6310cb0c-352c"
x-cache
Hit from cloudfront
content-type
application/font-woff2
access-control-allow-origin
quiz.notretemps.com
cache-control
max-age=31104000, public
accept-ranges
bytes
content-length
13612
x-amz-cf-id
bSb230lsZw6fQ20qT5bebjXafyro_QsvRgOgUMpsJa4E6udK5C7tQg==
opensans-latin.woff2
www.notretemps.com/fonts/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/fonts/opensans-latin.woff2
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Request headers

Referer
https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Origin
https://www.notretemps.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 03:07:02 GMT
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified
Thu, 01 Sep 2022 15:09:00 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
3291532
etag
"6310cb0c-23ac"
x-cache
Hit from cloudfront
content-type
application/font-woff2
access-control-allow-origin
quiz.notretemps.com
cache-control
max-age=31104000, public
accept-ranges
bytes
content-length
9132
x-amz-cf-id
VfFxIo-22dOrBjeTngPsiBO5XyLjVh-imrEJU_mJ3weJtb8iKqYAGw==
opensans-bold-latin.woff2
www.notretemps.com/fonts/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/fonts/opensans-bold-latin.woff2
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Request headers

Referer
https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Origin
https://www.notretemps.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 04:49:30 GMT
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified
Mon, 19 Sep 2022 17:05:06 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
1989384
etag
"6328a142-2378"
x-cache
Hit from cloudfront
content-type
application/font-woff2
access-control-allow-origin
quiz.notretemps.com
cache-control
max-age=31104000, public
accept-ranges
bytes
content-length
9080
x-amz-cf-id
rVFcJQzpteQDYYUWJb9ms6J8-LQ1NRRzUOCXeu4JZLVEUZOwIJd4Rw==
logo.svg
www.notretemps.com/images/notretemps/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.notretemps.com/images/notretemps/logo.svg
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
11a4e3762b6df9db7ae00faf0ba1748ae3e5d04b26391fd7bb12454ba8f0dadd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 05:07:24 GMT
content-encoding
gzip
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified
Thu, 29 Sep 2022 08:22:22 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
1124310
etag
W/"633555be-bd4"
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
quiz.notretemps.com
cache-control
max-age=31104000, public
x-amz-cf-id
0eug6tqnpF1VBmO3gAlQvAqSteOzIrnw31lGs2K8yONVWPak2YwSBg==
newsletter-edito.jpg
www.notretemps.com/keycloak/images/newsletters/notretemps/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.notretemps.com/keycloak/images/newsletters/notretemps/newsletter-edito.jpg
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
71236984fc6edb8c3e35400c2d0c5547cb31ab41b13aa3d43edf5dc3ab97ffd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 08:22:40 GMT
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 11:56:42 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
3704594
etag
"630dfafa-6054"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
quiz.notretemps.com
cache-control
max-age=31104000, public
accept-ranges
bytes
content-length
24660
x-amz-cf-id
5zvnREofM5BoturFtzaUJhNSQExidl27WLDNiVGkh0kGRXh1-wG5EQ==
newsletter-sante.jpg
www.notretemps.com/keycloak/images/newsletters/notretemps/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.notretemps.com/keycloak/images/newsletters/notretemps/newsletter-sante.jpg
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
4e22f85f3765affd9ccd9e9630828f52b058c7129fb22ec7546431d7cae55c9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 06:17:37 GMT
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified
Tue, 30 Aug 2022 11:56:42 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
3625697
etag
"630dfafa-4682"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
quiz.notretemps.com
cache-control
max-age=31104000, public
accept-ranges
bytes
content-length
18050
x-amz-cf-id
WnXGlx-MHFdGhbkAp1yBRq388ru2fyJhlXB1CCNZC9cLwpUZmdjbEQ==
newsletter-grandsparents.jpg
www.notretemps.com/keycloak/images/newsletters/notretemps/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.notretemps.com/keycloak/images/newsletters/notretemps/newsletter-grandsparents.jpg
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
3583cba3a8f4bcb008f39d64479c9ecd2c03ac0b587d1f6dfc830ca13247f772

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 01:16:31 GMT
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified
Thu, 08 Sep 2022 09:58:40 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
2952563
etag
"6319bcd0-1973"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
quiz.notretemps.com
cache-control
max-age=31104000, public
accept-ranges
bytes
content-length
6515
x-amz-cf-id
FiEKOhZCvkTVPsZYz1xXdpsFxTr1VuOu1tDPt0LBTzxCbOREeuXUDQ==
newsletter-jeux.jpg
www.notretemps.com/keycloak/images/newsletters/notretemps/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.notretemps.com/keycloak/images/newsletters/notretemps/newsletter-jeux.jpg
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
a523753ef5a718bde551404158cf74e598a0ebb987927cec8da26aa4005d2d4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 08:02:57 GMT
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified
Fri, 26 Aug 2022 06:24:09 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
4137777
etag
"63086709-43a5"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
quiz.notretemps.com
cache-control
max-age=31104000, public
accept-ranges
bytes
content-length
17317
x-amz-cf-id
D8RfISZzHWBOkhRr5LZ_IE54OFp0F-gwLsr7MDOzcRO0sxGjcRuRJQ==
newsletter-abo.jpg
www.notretemps.com/keycloak/images/newsletters/notretemps/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.notretemps.com/keycloak/images/newsletters/notretemps/newsletter-abo.jpg
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
fe11fb93d333b7f8db47a404102f2f20ce2ba1b59982197bf76f5392176bb11f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 05:41:29 GMT
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified
Mon, 26 Sep 2022 09:04:11 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
1381465
etag
"63316b0b-4535"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
quiz.notretemps.com
cache-control
max-age=31104000, public
accept-ranges
bytes
content-length
17717
x-amz-cf-id
TwUudDOCF8-QwPtGCcxO69SSTaZrGXd7wGw3VwdgyLF6WYyKU1GV_g==
newsletter-partners.jpg
www.notretemps.com/keycloak/images/newsletters/notretemps/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.notretemps.com/keycloak/images/newsletters/notretemps/newsletter-partners.jpg
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
a6b563806fb7ea96b0c038e74576f6ed74394645dbd583aff97a46b206b511fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:32:55 GMT
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified
Mon, 19 Sep 2022 17:05:06 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
1993979
etag
"6328a142-5bbb"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
quiz.notretemps.com
cache-control
max-age=31104000, public
accept-ranges
bytes
content-length
23483
x-amz-cf-id
vYlCLe-XFLvpptyU5zvNNISx_uoR7toXucrham7eYa0IZnStrT6sgg==
keycloak.min.js
sso.notretemps.com/auth/js/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso.notretemps.com/auth/js/keycloak.min.js
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-17.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
e8da39a835718cf509623f39398d0c9e18f049898c4af01615bac1d1385a0a3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 05:25:54 GMT
content-encoding
gzip
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b4.cloudfront.net (CloudFront)
last-modified
Wed, 02 Feb 2022 19:35:22 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
W/"61fadcfa-82cc"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, PATCH
content-type
application/javascript
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-expose-headers
Authorization, X-Total-Count
access-control-allow-credentials
true
access-control-allow-headers
Connection, Accept, Content-Type, Content-length, Authorization, Origin, X-Api-Key, X-Requested-With, X-Orange-Alias
x-amz-cf-id
6PHlDGhEjx9a_fRzkEbxxXztBAkbNNpQrBBxMW8WOrTri9cQ4qY29Q==
minimal.js
www.notretemps.com/js/ 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/js/minimal.js?version=0.3.529
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
7a388e1a95cdb56a4bb2c83eed7bc46e892cc2246a098badcd4268a851cfdd1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:04:40 GMT
content-encoding
gzip
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified
Wed, 12 Oct 2022 12:52:15 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
58874
etag
W/"6346b87f-2d61f"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
quiz.notretemps.com
cache-control
max-age=31104000, public
x-amz-cf-id
MrCqbh1I83W24jXmv3Lqkglm9nXX7SpTcS_DNCF1rH6pN167TpN2lw==
app.js
www.notretemps.com/js/ 		44 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/js/app.js?version=0.3.529
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
64189f23aca031cf73b491213a0124dd7f5ac8b85bd20ae8eec0020109efdc28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:04:40 GMT
content-encoding
gzip
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified
Wed, 12 Oct 2022 12:52:15 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
58874
etag
W/"6346b87f-affb"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
quiz.notretemps.com
cache-control
max-age=31104000, public
x-amz-cf-id
96_ll_1w-hM17BWPda1EPkkbuWbTQ8_6NW5NGfaHzE9TihGgTqu_og==
api.js
www.google.com/recaptcha/ 		884 B
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Lfw3r0UAAAAAA6URsRpLi5VQZ1ePBcf7JqaoJIH
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2bfd1b816b641fa5047abaf9130fe8a1166f1a8907b33a06e58024faafe9b319
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 05:25:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
587
x-xss-protection
1; mode=block
expires
Thu, 13 Oct 2022 05:25:54 GMT
gtm.js
www.googletagmanager.com/ 		353 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KP37JNG
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4840560deebc4ad341b69c49d7440a47660a036d38157398ae27041f8b3a0f63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 05:25:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94884
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 13 Oct 2022 05:25:54 GMT
gtm.js
www.googletagmanager.com/ 		285 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PQ9M68D
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
843a8a71e967489a821d8bd5938b4fb0b9fdaf854e42256237bc21ee70d96957
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 05:25:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91147
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 13 Oct 2022 05:25:54 GMT
icomoon.woff2
www.notretemps.com/fonts/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/fonts/icomoon.woff2?i=0
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/css/notretemps.css?version=0.3.529
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
ab2613b36908ae0af18b72a551d16dc2abecdfcb56905d46d16812e7bc2fc40c

Request headers

Referer
https://www.notretemps.com/css/notretemps.css?version=0.3.529
Origin
https://www.notretemps.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 23:08:42 GMT
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified
Fri, 23 Sep 2022 08:57:43 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
age
1664232
etag
"632d7507-2464"
x-cache
Hit from cloudfront
content-type
application/font-woff2
access-control-allow-origin
quiz.notretemps.com
cache-control
max-age=31104000, public
accept-ranges
bytes
content-length
9316
x-amz-cf-id
qSq52PwvKi_NTmqK6x_MmqLuhCLr-05Qc2aFZSv_ovuj-FBSlcvnPg==
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ 		396 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lfw3r0UAAAAAA6URsRpLi5VQZ1ePBcf7JqaoJIH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.notretemps.com/
Origin
https://www.notretemps.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 23:26:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21539
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161341
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 23:26:55 GMT
loader.js
sdk.privacy-center.org/62d49a58-db6d-4c51-8765-ffeab500ecb9/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/62d49a58-db6d-4c51-8765-ffeab500ecb9/loader.js?target=www.notretemps.com
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4a00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
50c0733290dacda21f0c8bd60ea33fd174a155b20f0d981c585fc8bd2f48f953

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 03:39:28 GMT
content-encoding
gzip
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
x-didomi-remote-config-source
Lambda
server
CloudFront
x-amz-cf-pop
FRA53-C1
age
6394
etag
"84e09051c1b55cea3419f0b076d46737"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200, public
content-length
5358
x-amz-cf-id
ynZH-e7biLb2jxFop-n_rjJnSzPJtz87MvkxwXvA7d2RdH5vGnFIjw==
1be34569f8ef3075a499b87a3d4c3cba.js
try.abtasty.com/ 		271 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://try.abtasty.com/1be34569f8ef3075a499b87a3d4c3cba.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQ9M68D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-84.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
23c99db0f9fd836f9bee3e4eb1f74ae6ea5f404e5999754f938513079a2be29b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 13:32:20 GMT
content-encoding
gzip
via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified
Fri, 07 Oct 2022 13:31:25 GMT
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
57228
etag
W/"b7a308a713f79638f4dc047f588f8c67"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
s-maxage=86400,max-age=30
x-amz-cf-id
BDrCy2Et62eg5eKYgMSkxwsR5KIhPm2LGjz7pe_4FwvZv1sW-Ut0YA==
ws.jsa
www.wysistat.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wysistat.com/ws.jsa
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
95.142.164.50 , France, ASN203476 (GANDI-AS-2 Domain name registrar - www.gandi.net, FR),
Reverse DNS
xvm-164-50.ghst.net
Software
Apache/2.2.22 (Ubuntu) /
Resource Hash
8351e134b338dd61dcb0dc8a01844f731bb5ab8503371cf84cec49126b1e4456

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 05:25:54 GMT
Last-Modified
Wed, 15 Dec 2021 10:02:32 GMT
Server
Apache/2.2.22 (Ubuntu)
ETag
"5a74b-b5e-5d32c67857b69"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2910
keycloak.json
www.notretemps.com/ 		165 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/keycloak.json
Requested by
Host: sso.notretemps.com
URL: https://sso.notretemps.com/auth/js/keycloak.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
47864b1785f5290db902300db9c95e5805b320adea793eff942508a68fae2ee1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 23:09:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
x-backend
notretempsc202.cs.bayard.local
x-amz-cf-pop
FRA56-C1
age
1491379
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Sun, 25 Sep 2022 23:09:35 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
must-revalidate, public, s-maxage=2592000
x-amz-cf-id
NHWbQvkM4pteInqkHb1sR_MTrmggMgPWszMKoIhOYcoZcqFOxUWLdg==
expires
Tue, 25 Oct 2022 23:09:35 GMT
js
www.googletagmanager.com/gtag/ 		211 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1KYSRH2EDD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP37JNG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c183b039f644cebdf1b73676d7db5eb899461d60a839c1578c398f63132c6a76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 05:25:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75491
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 13 Oct 2022 05:25:54 GMT
login-status-iframe.html
sso.notretemps.com/auth/realms/bayard/protocol/openid-connect/ Frame 627A 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso.notretemps.com/auth/realms/bayard/protocol/openid-connect/login-status-iframe.html
Requested by
Host: sso.notretemps.com
URL: https://sso.notretemps.com/auth/js/keycloak.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-17.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
266d2b010bdabdffb13c399965ef815be87b29204ce092d702f20f3b00c22f9b
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.notretemps.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, must-revalidate, no-transform, no-store
content-encoding
gzip
content-security-policy
frame-src 'self'; object-src 'none';
content-type
text/html;charset=utf-8
date
Thu, 13 Oct 2022 05:25:54 GMT
p3p
CP="This is not a P3P policy!"
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b4.cloudfront.net (CloudFront)
x-amz-cf-id
XLlsAJNBBqyETT6zBJ2uiGRd4RG_3qbZQk81InOP14ouRj1gb_7OdA==
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-robots-tag
none
x-xss-protection
1; mode=block
sdk.8fe1131fc24ee366bd2092b59f54741d00636e8c.js
sdk.privacy-center.org/ 		467 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/sdk.8fe1131fc24ee366bd2092b59f54741d00636e8c.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/62d49a58-db6d-4c51-8765-ffeab500ecb9/loader.js?target=www.notretemps.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4a00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6117e8afaf7243babc674a554aaa2258de4e8148ada22b3eec84e6427bb02016

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 11:10:16 GMT
content-encoding
gzip
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
last-modified
Tue, 11 Oct 2022 11:06:17 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1665486071/ctime:1665486071/gid:0/gname:root/md5:08c6d5447ac2ad13f9ec5a613b5f23cc/mode:33188/mtime:1665486071/uid:0/uname:root
x-amz-cf-pop
FRA53-C1
age
152139
etag
W/"08c6d5447ac2ad13f9ec5a613b5f23cc"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
eHl1dCYvqnKVOOn57gaRMZyVGzvhY-Hk5TahOz3f2ubn4aj0HB39fw==
analytics.6176d54b2336c1ce30a5.js
try.abtasty.com/shared/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://try.abtasty.com/shared/analytics.6176d54b2336c1ce30a5.js
Requested by
Host: try.abtasty.com
URL: https://try.abtasty.com/1be34569f8ef3075a499b87a3d4c3cba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-84.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
a374c424c4bf446e4104f22aecdd7d20ea7f13ec5aebf321a6a0d721593c7810

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 17:59:14 GMT
content-encoding
gzip
via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified
Thu, 06 Oct 2022 17:59:06 GMT
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
559601
etag
W/"b044f5c1b30ca82d8d3d62cef419d3e6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
s-maxage=31536000,max-age=31536000
x-amz-cf-id
PznUmC3_rwZSZbfssd5-CXvhv8_VAjvso5KNZTdKDEBE3iXMjjmG_w==
geoip
dcinfos-cache.abtasty.com/v1/ 		455 B
502 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dcinfos-cache.abtasty.com/v1/geoip?weather=false
Requested by
Host: try.abtasty.com
URL: https://try.abtasty.com/1be34569f8ef3075a499b87a3d4c3cba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.143.101 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
101.143.107.34.bc.googleusercontent.com
Software
- /
Resource Hash
f36ac471e60b62d40f5c613912ea24f6831a672f4a48802a6d62c89d4814094a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 05:25:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-envoy-decorator-operation
-
server
-
via
1.1 google
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=600
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ua-parser
dcinfos-cache.abtasty.com/v1/ 		120 B
217 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dcinfos-cache.abtasty.com/v1/ua-parser
Requested by
Host: try.abtasty.com
URL: https://try.abtasty.com/1be34569f8ef3075a499b87a3d4c3cba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.143.101 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
101.143.107.34.bc.googleusercontent.com
Software
- /
Resource Hash
2124d259e9281f4dbc752a3e339c6df623ee8ee7d38a484cd2bff7c950ef1452
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 05:25:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-envoy-decorator-operation
-
server
-
via
1.1 google
vary
Accept-Encoding,User-Agent
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
anchor
www.google.com/recaptcha/api2/ Frame 3327 		43 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfw3r0UAAAAAA6URsRpLi5VQZ1ePBcf7JqaoJIH&co=aHR0cHM6Ly93d3cubm90cmV0ZW1wcy5jb206NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=35eb35ca1fs
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
88627f582ca24e262d1c719b7b8413efcdd5c5392b45654b9e2f2ef438e4c21a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rsnTRNDunjzsJlemG4wGig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.notretemps.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
23262
content-security-policy
script-src 'report-sample' 'nonce-rsnTRNDunjzsJlemG4wGig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 05:25:54 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ui-gdpr-en.8fe1131fc24ee366bd2092b59f54741d00636e8c.js
sdk.privacy-center.org/ 		273 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.privacy-center.org/ui-gdpr-en.8fe1131fc24ee366bd2092b59f54741d00636e8c.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk.8fe1131fc24ee366bd2092b59f54741d00636e8c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4a00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
adf3a4f9c116fecc81d9e05f532836a1c4f8ee23d0be061afcb26b79b88ab37e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 11:10:37 GMT
content-encoding
gzip
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
last-modified
Tue, 11 Oct 2022 11:06:24 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1665486071/ctime:1665486071/gid:0/gname:root/md5:30ba6010cfb6d18253a42766bf558587/mode:33188/mtime:1665486071/uid:0/uname:root
x-amz-cf-pop
FRA53-C1
age
152118
etag
W/"30ba6010cfb6d18253a42766bf558587"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
eIrwDzjSPSov39E0gV-obF8b-6PJhcPWtEoMbbOQbuH_w-r9HjH5ug==
getQiota.js
static.qiota.com/assets/ 		111 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.qiota.com/assets/getQiota.js
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.165 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
9bdcc4a202cb2db2111aa4010a4462255c1ec9f63f0ef3d0f8226228dacd0dfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 14:40:56 GMT
content-encoding
br
x-cacheable
Matched cache
x-iplb-instance
34166
status
200 OK
x-cdn-pop
rbx1
content-length
26611
x-request-id
844169835
x-runtime
0.005200
last-modified
Wed, 12 Oct 2022 14:35:57 GMT
x-iplb-request-id
33FE2982:E9F4_3626FA04:01BB_6346D1F8_47ED554:1C72
x-cdn-pop-ip
51.254.41.128/25
vary
Origin,Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
expires
Thu, 13 Oct 2022 14:40:56 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQ9M68D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Oct 2022 05:15:57 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
597
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 13 Oct 2022 07:15:57 GMT
js
www.googletagmanager.com/gtag/ 		221 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-59S2NR2W4V&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQ9M68D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
85820637d02604c8cc87366173c4963141b36ced85733babc083991638384c57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 05:25:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77755
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 13 Oct 2022 05:25:54 GMT
landing
pagead2.googlesyndication.com/pagead/ 		42 B
548 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=G100&rnd=938623507.1665638755&url=https%3A%2F%2Fwww.notretemps.com%2Fmes-newsletters&gtm=2wgaa0KP37JNG
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP37JNG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 05:25:54 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 3327 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfw3r0UAAAAAA6URsRpLi5VQZ1ePBcf7JqaoJIH&co=aHR0cHM6Ly93d3cubm90cmV0ZW1wcy5jb206NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=35eb35ca1fs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 10:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68865
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 10:18:09 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 3327 		396 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfw3r0UAAAAAA6URsRpLi5VQZ1ePBcf7JqaoJIH&co=aHR0cHM6Ly93d3cubm90cmV0ZW1wcy5jb206NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=35eb35ca1fs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 23:26:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21539
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161341
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Oct 2023 23:26:55 GMT
collect
region1.google-analytics.com/g/ 		0
340 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-1KYSRH2EDD&gtm=2oeaa0&_p=412790578&gcs=G100&gdid=dMTc4Zm&cid=1059964470.1665638755&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.notretemps.com%2Fmes-newsletters%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DNLNTE_EditoAll_133-1724-221013%2B13-10-2022&sid=1665638754&sct=1&seg=0&dt=Mes%20newsletters&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_hostname=notretemps.com&ep.gtm_container_id=GTM-KP37JNG&ep.h1=Mes%20newsletters&ep.canonical=null&ep.amp_page=null&ep.browser_size=1600*1200&ep.bayard_source=newsletter&ep.bayard_medium=email&ep.bayard_campaign=NLNTE_EditoAll_133-1724-221013%2B13-10-2022&ep.page_fragment=&ep.pageload_id=240856917
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1KYSRH2EDD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 05:25:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.notretemps.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
statistique.js
www.wysistat.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wysistat.com/statistique.js
Requested by
Host: www.wysistat.com
URL: https://www.wysistat.com/ws.jsa
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
95.142.164.50 , France, ASN203476 (GANDI-AS-2 Domain name registrar - www.gandi.net, FR),
Reverse DNS
xvm-164-50.ghst.net
Software
Apache/2.2.22 (Ubuntu) / PHP/5.4.6-1ubuntu1.5
Resource Hash
ddd53ebfe37532e8750617ba36131c51406ea1bcd4bdc99614567c4ff6d91fd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 05:25:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Mar 2007 14:12:37 GMT
Server
Apache/2.2.22 (Ubuntu)
X-Powered-By
PHP/5.4.6-1ubuntu1.5
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=ISO8859-15
Cache-Control
public, max-age=129600, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
2489
init
sso.notretemps.com/auth/realms/bayard/protocol/openid-connect/login-status-iframe.html/ Frame 627A 		0
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sso.notretemps.com/auth/realms/bayard/protocol/openid-connect/login-status-iframe.html/init?client_id=notretemps.com&origin=https%3A%2F%2Fwww.notretemps.com
Requested by
Host: sso.notretemps.com
URL: https://sso.notretemps.com/auth/realms/bayard/protocol/openid-connect/login-status-iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-17.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 05:25:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b4.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-amz-cf-id
zNTqw48eZ5cSbOnQaKGU_v0PBN6ZJd7Gkpb_A3ZB1d1bAas_zTQNPw==
x-xss-protection
1; mode=block
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 05:14:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
697
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 13 Oct 2022 06:14:17 GMT
data.json
static.qiota.com/data/Fo1TsQ7LD8/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://static.qiota.com/data/Fo1TsQ7LD8/data.json
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.165 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.notretemps.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-origin
*
allow
POST,OPTIONS,GET,HEAD
cache-control
private
content-length
0
content-type
application/json
date
Thu, 13 Oct 2022 05:25:54 GMT
x-cacheable
Not cacheable: wrong request type
x-cdn-pop
rbx1
x-cdn-pop-ip
51.254.41.128/25
x-iplb-instance
34156
x-iplb-request-id
33FE298B:C0A2_3626FA04:01BB_6347A162_4B5F1F7:260FE
x-request-id
467437190
data.json
static.qiota.com/data/Fo1TsQ7LD8/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.qiota.com/data/Fo1TsQ7LD8/data.json
Requested by
Host: static.qiota.com
URL: https://static.qiota.com/assets/getQiota.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.165 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
75e37c21fab48449365c53c3280a64b950a4013c0603e308e40d4fb6ea805308

Request headers

Referer
https://www.notretemps.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Oct 2022 05:24:29 GMT
content-encoding
br
x-cacheable
Matched cache
x-iplb-instance
34166
x-cdn-pop
rbx1
content-length
2855
x-request-id
583271238
last-modified
Wed, 21 Sep 2022 12:59:40 GMT
x-iplb-request-id
33FE298B:ED48_3626FA04:01BB_6347A10D_4A69259:1C74
x-cdn-pop-ip
51.254.41.128/25
etag
"2119-5e92f848b2700"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=120
accept-ranges
bytes
access-control-allow-headers
content-type
gtm.js
www.googletagmanager.com/ 		118 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MK3GTGR
Requested by
Host: static.qiota.com
URL: https://static.qiota.com/assets/getQiota.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e51c0f440c740fda1de7626b6a391f9d61794ba5c5aa216d7e257cab4791e949
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 05:25:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45990
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 13 Oct 2022 05:25:54 GMT
onboarding
www.qiota.com/ 		8 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.qiota.com/onboarding?token=Fo1TsQ7LD8
Requested by
Host: static.qiota.com
URL: https://static.qiota.com/assets/getQiota.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.250.4 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache / Phusion Passenger 5.0.26
Resource Hash
ceb6317a51fbe3b5d4bd2264987dc3b7ef956d8e1c3c33828e83259dd5967e2c
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Thu, 13 Oct 2022 05:25:54 GMT
X-Powered-By
Phusion Passenger 5.0.26
X-IPLB-Instance
34166
Transfer-Encoding
chunked
P3P
CP="ALL DSP COR CURa ADMa DEVa OUR IND COM NAV"
Status
200 OK
X-Request-Id
a2304807-fc45-4aae-a2e2-998deb0491ee
X-UA-Compatible
IE=edge
X-Runtime
0.013826
Server
Apache
X-IPLB-Request-ID
253A3AFA:A34C_3626FA04:01BB_6347A162_4A6B4A8:1C73
ETag
W/"cf643a5faef5bc591b53e956b0d7a5d1"
Vary
Origin
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, must-revalidate
Access-Control-Max-Age
1728000
X-Frame-Options
ALLOWALL
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-59S2NR2W4V&gtm=2oeaa0&_p=412790578&gcs=G100&gdid=dMTc4Zm&cid=1059964470.1665638755&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.notretemps.com%2Fmes-newsletters%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DNLNTE_EditoAll_133-1724-221013%2B13-10-2022%26utm_content%3DOptin_NTEEdito%2B&sid=1665638754&sct=1&seg=0&dt=Mes%20newsletters&en=page_view&_fv=1&_ss=1&ep.debug_mode=false&ep.page_hostname=notretemps.com&ep.gtm_container_id=GTM-PQ9M68D&ep.page_full_url=https%3A%2F%2Fwww.notretemps.com%2Fmes-newsletters%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DNLNTE_EditoAll_133-1724-221013%2B13-10-2022%26utm_content%3DOptin_NTEEdito%2B&ep.h1=Mes%20newsletters&ep.canonical=null
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-59S2NR2W4V&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 05:25:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.notretemps.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 3327 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 19:40:09 GMT
x-content-type-options
nosniff
age
553545
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 13 Oct 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3327 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfw3r0UAAAAAA6URsRpLi5VQZ1ePBcf7JqaoJIH&co=aHR0cHM6Ly93d3cubm90cmV0ZW1wcy5jb206NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=35eb35ca1fs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 11:18:05 GMT
x-content-type-options
nosniff
age
151669
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 11 Oct 2023 11:18:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3327 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfw3r0UAAAAAA6URsRpLi5VQZ1ePBcf7JqaoJIH&co=aHR0cHM6Ly93d3cubm90cmV0ZW1wcy5jb206NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=35eb35ca1fs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 18:59:48 GMT
x-content-type-options
nosniff
age
123966
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 11 Oct 2023 18:59:48 GMT
compteur.php
www.wysistat.com/images/undefined/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wysistat.com/images/undefined/compteur.php?nom=undefined&tps=5425&ecran=1600x1200&origine=&origine_force=&frame=0&ParaWysistat=0&CompteurExtranet=0&consent=0&event=&ParaPage=0&ParaProfiling=0&ParaCompte=0&ParaRoi=0&ojd_version=2&cookie=1&deja_cookie=0&id=0.914592238352598_1665638754964&id_int=0.914592238352598_1665638754964&compteur_mois=1&compteur_jour=1&deja_id=0&vu_diff_jour=0&vu_time_prec=1665638754&page_js=https%3A//www.notretemps.com/mes-newsletters%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DNLNTE_EditoAll_133-1724-221013+13-10-2022%26utm_content%3DOptin_NTEEdito+
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/mes-newsletters?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_133-1724-221013+13-10-2022&utm_content=Optin_NTEEdito+
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
95.142.164.50 , France, ASN203476 (GANDI-AS-2 Domain name registrar - www.gandi.net, FR),
Reverse DNS
xvm-164-50.ghst.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.notretemps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
webworker.js
www.google.com/recaptcha/api2/ Frame 3327 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfw3r0UAAAAAA6URsRpLi5VQZ1ePBcf7JqaoJIH&co=aHR0cHM6Ly93d3cubm90cmV0ZW1wcy5jb206NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=35eb35ca1fs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
deaf5a4d4987d3198c038ffa6ebfb7b3aefc084c71d8f02805e918d25096412a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfw3r0UAAAAAA6URsRpLi5VQZ1ePBcf7JqaoJIH&co=aHR0cHM6Ly93d3cubm90cmV0ZW1wcy5jb206NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=35eb35ca1fs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 05:25:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 13 Oct 2022 05:25:54 GMT
umami.js
stats.qiota.com/ 		0
0
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.notretemps.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 05:25:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.notretemps.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
reload
www.google.com/recaptcha/api2/ Frame 3327 		32 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Lfw3r0UAAAAAA6URsRpLi5VQZ1ePBcf7JqaoJIH
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b0e577e8a75ec1c0908f6bf7a060eb24e535450f616305622d13801145053704
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfw3r0UAAAAAA6URsRpLi5VQZ1ePBcf7JqaoJIH&co=aHR0cHM6Ly93d3cubm90cmV0ZW1wcy5jb206NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&size=invisible&cb=35eb35ca1fs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Thu, 13 Oct 2022 05:25:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18755
x-xss-protection
1; mode=block
expires
Thu, 13 Oct 2022 05:25:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
stats.qiota.com
URL
https://stats.qiota.com/umami.js

Verdicts & Comments Add Verdict or Comment

183 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer function| sha256 function| sha224 object| base64js function| Keycloak function| jQuery function| $ object| debounce object| Cookies number| uidEvent object| bootstrap object| getParams object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| reCAPTCHA_execute object| google_tag_manager object| google_tag_data object| didomiOnReady object| didomiEventListeners boolean| gdprAppliesGlobally function| __tcfapi object| _wsq function| onYouTubeIframeAPIReady object| didomiRemoteConfig string| didomiCountry object| didomiGeoRegulations object| webpackChunktag object| ABTasty function| ABTastyStartTest function| ABTastyReload object| abtasty function| ABTastyClickTracking function| ABTastyEvent function| ABTastyPageView object| recaptcha object| closure_lm_853938 object| webpackJsonpDidomi function| setImmediate function| clearImmediate object| Didomi object| DidomiSanitizing object| googletag object| adsbygoogle object| didomiState object| onboard string| q_token boolean| q_consent string| q_content_class boolean| q_logged boolean| q_subscribed string| q_ressource_uri object| qiota string| sddanPid string| sddanKeyId boolean| sddanWaitUserChoice object| sddanSegments function| sddanCallback function| getSddanTargeting string| GoogleAnalyticsObject function| ga object| _abtasty object| gaGlobal function| trim function| _wysistat function| _setNom function| _setFrame function| _setParaWysistat function| _setCompteurExtranet function| _setParaPage function| _setPage function| _setParaRoi function| _setParaProfiling function| _setParaCompte function| _setConsentCookie function| _setEvent function| _reset function| _wstopn function| _setAccount function| _setTag function| _setID object| wsq object| wst string| v object| gaplugins object| gaData function| initGA function| initUmami function| initFingerprint2 function| initCookieJS function| compareVersion function| trimHtml function| hiddenContent function| displayLoader function| QiotaInitVP function| replaceButton function| VPinit function| VPexistAds function| VPloadAds function| VPnoAds function| VPcompleteAds function| VPcloseAds function| VPplayAds function| exec_body_scripts function| createEvent function| domReady function| $_GET function| loadScripts function| setQiotaStats function| sendQiotaStats function| renderQiotaAuth function| setupQiota function| renderQiotaSub function| renderQiotaData function| renderQiotaDataOld function| renderQiotaOnboard function| renderQiotaEngage function| qiota_grant string| baseUri string| baseUriStatic string| urlData string| verbData string| jquery_version_min boolean| deactivate_no_load_jquery undefined| global_result undefined| global_q_token undefined| global_site_id undefined| global_callback boolean| initStatus function| triggerJourneyUser function| hashCode number| q_id_article function| setQEmail function| Fingerprint2 undefined| qualifio_uniqid string| q_email string| urlOnboarding object| allcook object| wsd number| wsdjid number| wsvudj string| wsref string| wscli number| wspage number| wsprof number| wscpt number| wscook string| wsecr number| wsdjcook object| wstb function| stat function| wysistat function| ws_getScreenSize function| ws_retVide function| ws_writeCook function| ws_readCook function| ws_majCook function| ws_isCookAccept function| storageAvailable function| ws_getConsent number| valeur number| wysi number| wsconsent object| filters function| _ga_originalSendHitTask undefined| date_expire function| postscribe object| google_tag_manager_external

10 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AHtfOcjcI3afgDG8-BL1ar1ez5UxqGAqzh_XxULOUWwnLsvGyTqwE1kh5lGkD0tYjJT2N3iD9ZrHTTSe-6I2xtU
.notretemps.com/ Name: uuid230
Value: bc8a9e3b-ac9a-40dc-85e7-f1abac641704
.notretemps.com/ Name: nlid
Value: 4b30022b|5d7ea48b
.notretemps.com/ Name: nllastdelid
Value: 5d7ea48b
.notretemps.com/ Name: __utmzz
Value: utmcsr=newsletter|utmcmd=email|utmccn=NLNTE_EditoAll_133-1724-221013+13-10-2022|utmcct=Optin_NTEEdito+
.notretemps.com/ Name: __utmzzses
Value: 1
.notretemps.com/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMTgzY2ZjZTYtOGNiZC02MmE1LTg1MGUtOWIzNzA5YzkyNDYwIiwiY3JlYXRlZCI6IjIwMjItMTAtMTNUMDU6MjU6NTQuNTc2WiIsInVwZGF0ZWQiOiIyMDIyLTEwLTEzVDA1OjI1OjU0LjU3NloiLCJ2ZXJzaW9uIjpudWxsfQ==
sso.notretemps.com/ Name: AWSALB
Value: onNuNGDLqE8+oA1bNso4BX84qmUVvhJQ2oiwsD/9D3xdayWRrJ/nCFXBbVMixB0M16WqdrEBPm9yputdOpP3u26aDooHwoVFHpZ0KK+IUSjsZRq3CQvcwuif7n/o
sso.notretemps.com/ Name: AWSALBCORS
Value: onNuNGDLqE8+oA1bNso4BX84qmUVvhJQ2oiwsD/9D3xdayWRrJ/nCFXBbVMixB0M16WqdrEBPm9yputdOpP3u26aDooHwoVFHpZ0KK+IUSjsZRq3CQvcwuif7n/o
www.notretemps.com/ Name: Wysistat
Value: 0.914592238352598_1665638754964%A71%A71665638754964%A71%A71665638754%A70.914592238352598_1665638754964%A71699766754964

1 Console Messages

Source Level URL
Text
network error URL: https://www.wysistat.com/images/undefined/compteur.php?nom=undefined&tps=5425&ecran=1600x1200&origine=&origine_force=&frame=0&ParaWysistat=0&CompteurExtranet=0&consent=0&event=&ParaPage=0&ParaProfiling=0&ParaCompte=0&ParaRoi=0&ojd_version=2&cookie=1&deja_cookie=0&id=0.914592238352598_1665638754964&id_int=0.914592238352598_1665638754964&compteur_mois=1&compteur_jour=1&deja_id=0&vu_diff_jour=0&vu_time_prec=1665638754&page_js=https%3A//www.notretemps.com/mes-newsletters%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DNLNTE_EditoAll_133-1724-221013+13-10-2022%26utm_content%3DOptin_NTEEdito+
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dcinfos-cache.abtasty.com
fonts.gstatic.com
pagead2.googlesyndication.com
region1.google-analytics.com
sdk.privacy-center.org
sso.notretemps.com
static.qiota.com
stats.qiota.com
t.prod1.emailing.notretemps.com
try.abtasty.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.notretemps.com
www.qiota.com
www.wysistat.com
stats.qiota.com
143.204.89.17
2001:4860:4802:34::36
2600:9000:214f:4a00:5:b7cc:d3c0:93a1
2a00:1450:4001:802::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2008
34.107.143.101
46.105.200.165
54.38.250.4
54.77.189.250
65.9.66.39
95.142.164.50
99.86.4.84
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
11a4e3762b6df9db7ae00faf0ba1748ae3e5d04b26391fd7bb12454ba8f0dadd
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2124d259e9281f4dbc752a3e339c6df623ee8ee7d38a484cd2bff7c950ef1452
23c99db0f9fd836f9bee3e4eb1f74ae6ea5f404e5999754f938513079a2be29b
266d2b010bdabdffb13c399965ef815be87b29204ce092d702f20f3b00c22f9b
2bfd1b816b641fa5047abaf9130fe8a1166f1a8907b33a06e58024faafe9b319
3583cba3a8f4bcb008f39d64479c9ecd2c03ac0b587d1f6dfc830ca13247f772
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
47864b1785f5290db902300db9c95e5805b320adea793eff942508a68fae2ee1
4840560deebc4ad341b69c49d7440a47660a036d38157398ae27041f8b3a0f63
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
4e22f85f3765affd9ccd9e9630828f52b058c7129fb22ec7546431d7cae55c9a
50c0733290dacda21f0c8bd60ea33fd174a155b20f0d981c585fc8bd2f48f953
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6117e8afaf7243babc674a554aaa2258de4e8148ada22b3eec84e6427bb02016
64189f23aca031cf73b491213a0124dd7f5ac8b85bd20ae8eec0020109efdc28
6d1d084b8f2f8cfb6f6dd1920181f93ab85c5dcdfb7299c65a7cd95e88a44161
71236984fc6edb8c3e35400c2d0c5547cb31ab41b13aa3d43edf5dc3ab97ffd2
75e37c21fab48449365c53c3280a64b950a4013c0603e308e40d4fb6ea805308
7a388e1a95cdb56a4bb2c83eed7bc46e892cc2246a098badcd4268a851cfdd1e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8351e134b338dd61dcb0dc8a01844f731bb5ab8503371cf84cec49126b1e4456
843a8a71e967489a821d8bd5938b4fb0b9fdaf854e42256237bc21ee70d96957
85820637d02604c8cc87366173c4963141b36ced85733babc083991638384c57
88627f582ca24e262d1c719b7b8413efcdd5c5392b45654b9e2f2ef438e4c21a
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9bdcc4a202cb2db2111aa4010a4462255c1ec9f63f0ef3d0f8226228dacd0dfa
a374c424c4bf446e4104f22aecdd7d20ea7f13ec5aebf321a6a0d721593c7810
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a523753ef5a718bde551404158cf74e598a0ebb987927cec8da26aa4005d2d4e
a6b563806fb7ea96b0c038e74576f6ed74394645dbd583aff97a46b206b511fe
ab2613b36908ae0af18b72a551d16dc2abecdfcb56905d46d16812e7bc2fc40c
adf3a4f9c116fecc81d9e05f532836a1c4f8ee23d0be061afcb26b79b88ab37e
b0e577e8a75ec1c0908f6bf7a060eb24e535450f616305622d13801145053704
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
c183b039f644cebdf1b73676d7db5eb899461d60a839c1578c398f63132c6a76
ceb6317a51fbe3b5d4bd2264987dc3b7ef956d8e1c3c33828e83259dd5967e2c
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
ddd53ebfe37532e8750617ba36131c51406ea1bcd4bdc99614567c4ff6d91fd0
deaf5a4d4987d3198c038ffa6ebfb7b3aefc084c71d8f02805e918d25096412a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51c0f440c740fda1de7626b6a391f9d61794ba5c5aa216d7e257cab4791e949
e8da39a835718cf509623f39398d0c9e18f049898c4af01615bac1d1385a0a3a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36ac471e60b62d40f5c613912ea24f6831a672f4a48802a6d62c89d4814094a
fbed2a9e8de4d748ef726e29bad24d1ba8d41774ecdcc611c525c91465f85149
fe11fb93d333b7f8db47a404102f2f20ce2ba1b59982197bf76f5392176bb11f