m.prod1.emailing.notretemps.com Open in urlscan Pro
52.31.152.147 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.prod1.emailing.notretemps.com/r/?id=h60c89ef0,5d7c69ab,7ff5a849&p1=xHq2BhSBjPgnce9YVRhGqrN4HxsN/JSr
Effective URL:
https://m.prod1.emailing.notretemps.com/nl/jsp/m.jsp?c=xHq2BhSBjPgnce9YVRhGqrN4HxsN%2FJSr
Submission: On October 17 via api (October 17th 2022, 5:50:52 pm UTC) from BE — Scanned from DE

Summary HTTP 13 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 13 HTTP transactions. The main IP is 52.31.152.147, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is m.prod1.emailing.notretemps.com.
TLS certificate: Issued by Gandi Standard SSL CA 2 on June 13th 2022. Valid for: a year.

This is the only time m.prod1.emailing.notretemps.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	52.31.152.147 52.31.152.147	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
8	52.222.236.102 52.222.236.102	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
13	4

3 52.31.152.147 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-152-147.eu-west-1.compute.amazonaws.com

t.prod1.emailing.notretemps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.prod1.emailing.notretemps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.222.236.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-102.fra56.r.cloudfront.net

static.bayard.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	bayard.io static.bayard.io — Cisco Umbrella Rank: 917678	369 KB
3	notretemps.com 1 redirects t.prod1.emailing.notretemps.com m.prod1.emailing.notretemps.com	5 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	2 KB
1	gstatic.com fonts.gstatic.com	31 KB
13	4

	Domain	Requested by
8	static.bayard.io	m.prod1.emailing.notretemps.com
2	fonts.googleapis.com	m.prod1.emailing.notretemps.com
2	t.prod1.emailing.notretemps.com	1 redirects m.prod1.emailing.notretemps.com
1	fonts.gstatic.com	fonts.googleapis.com
1	m.prod1.emailing.notretemps.com
13	5

This site contains links to these domains. Also see Links.

Domain
t.prod1.emailing.notretemps.com

Subject Issuer	Validity	Valid
t.prod1.emailing.notretemps.com Gandi Standard SSL CA 2	`2022-06-13` - `2023-06-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
static.bayard.io Amazon	`2022-10-16` - `2023-11-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://m.prod1.emailing.notretemps.com/nl/jsp/m.jsp?c=xHq2BhSBjPgnce9YVRhGqrN4HxsN%2FJSr
Frame ID: CE8A67AAB69A19A26CE1FD4A64696C68
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PROLONGATION !

Page URL History Show full URLs

https://t.prod1.emailing.notretemps.com/r/?id=h60c89ef0,5d7c69ab,7ff5a849&p1=xHq2BhSBjPgnce9YVRhGqrN4HxsN/JSr HTTP 302
https://m.prod1.emailing.notretemps.com/nl/jsp/m.jsp?c=xHq2BhSBjPgnce9YVRhGqrN4HxsN%2FJSr Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

13
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

406 kB
Transfer

442 kB
Size

3
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://t.prod1.emailing.notretemps.com/r/?id=h60c89ef0,5d7c69ab,7ff5a848&p1=jeudi13juillet@hotmail.com&p2=PROMONTE221017_Abonnement_Rentree_T5&p3=Optin_NTEFidPP&p4=20221017&p5=bf394d10f88ba25d166a795f5a9d05d6
Title: Me désinscrire

Search URL Search Domain Scan URL

URL: https://t.prod1.emailing.notretemps.com/r/?id=h60c89ef0,5d7c69ab,7ff5a84a&p1=PROMONTE221017_Abonnement_Rentree_T5&p2=Optin_NTEFidPP&p3=20221017

Search URL Search Domain Scan URL

URL: https://t.prod1.emailing.notretemps.com/r/?id=h60c89ef0,5d7c69ab,7ff5a84b&p1=PROMONTE221017_Abonnement_Rentree_T5&p2=Optin_NTEFidPP&p3=20221017
Title: 2€50/mois seulement, soit 40%* de remise + VOS 2 CADEAUX EXCLUSIFS !

Search URL Search Domain Scan URL

URL: https://t.prod1.emailing.notretemps.com/r/?id=h60c89ef0,5d7c69ab,7ff5a84c&p1=PROMONTE221017_Abonnement_Rentree_T5&p2=Optin_NTEFidPP&p3=20221017
Title: JE M'ABONNE

Search URL Search Domain Scan URL

URL: https://t.prod1.emailing.notretemps.com/r/?id=h60c89ef0,5d7c69ab,7ff5a84d&p1=PROMONTE221017_Abonnement_Rentree_T5&p2=Optin_NTEFidPP&p3=20221017
Title: En cadeau, votre paire de bâtons de marche et de randonnée DECATHLON ajustables à votre taille + en EXCLUSIVITE L'agenda QUO VADIS 2023 !

Search URL Search Domain Scan URL

URL: https://t.prod1.emailing.notretemps.com/r/?id=h60c89ef0,5d7c69ab,7ff5a84e&p1=PROMONTE221017_Abonnement_Rentree_T5&p2=Optin_NTEFidPP&p3=20221017

Search URL Search Domain Scan URL

URL: https://t.prod1.emailing.notretemps.com/r/?id=h60c89ef0,5d7c69ab,7ff5a84f&p1=PROMONTE221017_Abonnement_Rentree_T5&p2=Optin_NTEFidPP&p3=20221017

Search URL Search Domain Scan URL

URL: https://t.prod1.emailing.notretemps.com/r/?id=h60c89ef0,5d7c69ab,7ff5a850&p1=PROMONTE221017_Abonnement_Rentree_T5&p2=Optin_NTEFidPP&p3=20221017
Title: JE LES VEUX !

Search URL Search Domain Scan URL

URL: https://t.prod1.emailing.notretemps.com/r/?id=h60c89ef0,5d7c69ab,7ff5a851&p1=PROMONTE221017_Abonnement_Rentree_T5&p2=Optin_NTEFidPP&p3=20221017

Search URL Search Domain Scan URL

URL: https://t.prod1.emailing.notretemps.com/r/?id=h60c89ef0,5d7c69ab,7ff5a852&p1=PROMONTE221017_Abonnement_Rentree_T5&p2=Optin_NTEFidPP&p3=20221017
Title: En plus de la version papier, compris dans votre abonnement : + la version numérique + chaque lundi, votre RDV hebdomadaire avec les experts de la rédaction dans une newsletter 100% éditoriale réservée aux abonnés.

Search URL Search Domain Scan URL

URL: https://t.prod1.emailing.notretemps.com/r/?id=h60c89ef0,5d7c69ab,7ff5a853&p1=PROMONTE221017_Abonnement_Rentree_T5&p2=Optin_NTEFidPP&p3=20221017
Title: J’EN PROFITE !

Search URL Search Domain Scan URL

URL: https://t.prod1.emailing.notretemps.com/r/?id=h60c89ef0,5d7c69ab,7ff5a854&p1=PROMONTE221017_Abonnement_Rentree_T5&p2=Optin_NTEFidPP&p3=20221017

Search URL Search Domain Scan URL

URL: https://t.prod1.emailing.notretemps.com/r/?id=h60c89ef0,5d7c69ab,7ff5a855&p1=PROMONTE221017_Abonnement_Rentree_T5&p2=Optin_NTEFidPP&p3=20221017

Search URL Search Domain Scan URL

URL: https://t.prod1.emailing.notretemps.com/r/?id=h60c89ef0,5d7c69ab,7ff5a856&p1=PROMONTE221017_Abonnement_Rentree_T5&p2=Optin_NTEFidPP&p3=20221017

Search URL Search Domain Scan URL

URL: https://t.prod1.emailing.notretemps.com/r/?id=h60c89ef0,5d7c69ab,7ff5a857
Title: nous contacter

Search URL Search Domain Scan URL

URL: https://t.prod1.emailing.notretemps.com/r/?id=h60c89ef0,5d7c69ab,7ff5a858&p1=jeudi13juillet@hotmail.com&p2=PROMONTE221017_Abonnement_Rentree_T5&p3=Optin_NTEFidPP&p4=20221017&p5=bf394d10f88ba25d166a795f5a9d05d6
Title: se désabonner

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.prod1.emailing.notretemps.com/r/?id=h60c89ef0,5d7c69ab,7ff5a849&p1=xHq2BhSBjPgnce9YVRhGqrN4HxsN/JSr HTTP 302
https://m.prod1.emailing.notretemps.com/nl/jsp/m.jsp?c=xHq2BhSBjPgnce9YVRhGqrN4HxsN%2FJSr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request m.jsp Show response
m.prod1.emailing.notretemps.com/nl/jsp/
Redirect Chain

https://t.prod1.emailing.notretemps.com/r/?id=h60c89ef0,5d7c69ab,7ff5a849&p1=xHq2BhSBjPgnce9YVRhGqrN4HxsN/JSr
https://m.prod1.emailing.notretemps.com/nl/jsp/m.jsp?c=xHq2BhSBjPgnce9YVRhGqrN4HxsN%2FJSr

36 KB
5 KB

109ms
74ms

Document
text/html

52.31.152.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.prod1.emailing.notretemps.com/nl/jsp/m.jsp?c=xHq2BhSBjPgnce9YVRhGqrN4HxsN%2FJSr

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.152.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-152-147.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

ee1a274ddc50cb76da9c6fe1a12e2c7b89ce1b5373e03b7718701942d7085998

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 4623
content-security-policy: script-src 'none'
content-type: text/html; charset=utf-8
date: Mon, 17 Oct 2022 17:50:47 GMT
server: Apache
vary: Accept-Encoding
x-robots-tag: noindex
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

content-length: 17
content-type: text/plain; charset=utf-8
date: Mon, 17 Oct 2022 17:50:47 GMT
location: https://m.prod1.emailing.notretemps.com/nl/jsp/m.jsp?c=xHq2BhSBjPgnce9YVRhGqrN4HxsN%2FJSr
p3p: CP="CAO DSP COR CURa DEVa TAIa OUR BUS IND UNI COM NAV"
server: Apache
x-robots-tag: noindex

GET
H2 200 css
fonts.googleapis.com/ 10 KB
742 B 133ms
48ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700,800&display=swap

Requested by

Host: m.prod1.emailing.notretemps.com
URL: https://m.prod1.emailing.notretemps.com/nl/jsp/m.jsp?c=xHq2BhSBjPgnce9YVRhGqrN4HxsN%2FJSr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e348cc4c328f9915c3b7b87a0a9659e0b2389ce112151c13f30af26cec748a6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.prod1.emailing.notretemps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Oct 2022 17:50:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 16:59:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Oct 2022 17:50:47 GMT

GET
H2 200 css2
fonts.googleapis.com/ 769 B
894 B 132ms
47ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Serif+Text:ital@1&display=swap

Requested by

Host: m.prod1.emailing.notretemps.com
URL: https://m.prod1.emailing.notretemps.com/nl/jsp/m.jsp?c=xHq2BhSBjPgnce9YVRhGqrN4HxsN%2FJSr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8eadd52c6e936d557654d48d89b360532cc2985152f4f660f803c0aeacb5ad78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.prod1.emailing.notretemps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Oct 2022 17:50:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 17:50:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Oct 2022 17:50:47 GMT

GET
H2 200 tps5-img-01-septembre-2022.gif
static.bayard.io/boutique.notretemps.com/prospnotretemps/2022/rentree_22/T5/ 137 KB
138 KB 41ms
15ms Image
image/gif 52.222.236.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bayard.io/boutique.notretemps.com/prospnotretemps/2022/rentree_22/T5/tps5-img-01-septembre-2022.gif
Requested by: Host: m.prod1.emailing.notretemps.com
URL: https://m.prod1.emailing.notretemps.com/nl/jsp/m.jsp?c=xHq2BhSBjPgnce9YVRhGqrN4HxsN%2FJSr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-102.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e851b415d7c57f3e25f09374ba7efc41d3199ddf3cb9c8b6e0b8671a54f598f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.prod1.emailing.notretemps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 04:00:18 GMT
x-amz-version-id: IpZf5WBb4lgpS.NBBW3K5TrSVbRkqDlx
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 49830
x-cache: Hit from cloudfront
x-amz-meta-ctime: 1665491296
x-amz-meta-mode: 33204
content-length: 140707
last-modified: Tue, 11 Oct 2022 12:28:17 GMT
server: AmazonS3
etag: "e7e13060747c2f878516350c22e7c401"
x-amz-meta-uid: 10680
content-type: image/gif
x-amz-meta-gid: 10000
cache-control: max-age=31536000, public
x-amz-cf-id: Mt8nC5c8Dq3pzTc6PtaYkDwI_yt6dakl7mGq-EhjE9BvI4WG6l9vwA==
x-amz-meta-mtime: 1665491296

GET
H2 200 tps5-img-02-septembre-2022.jpg
static.bayard.io/boutique.notretemps.com/prospnotretemps/2022/rentree_22/T5/ 60 KB
61 KB 34ms
8ms Image
image/jpeg 52.222.236.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bayard.io/boutique.notretemps.com/prospnotretemps/2022/rentree_22/T5/tps5-img-02-septembre-2022.jpg
Requested by: Host: m.prod1.emailing.notretemps.com
URL: https://m.prod1.emailing.notretemps.com/nl/jsp/m.jsp?c=xHq2BhSBjPgnce9YVRhGqrN4HxsN%2FJSr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-102.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d182c105eae56caf09e2244c422a48edec71d60cf9ccb3e08ef64f332b8cb6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.prod1.emailing.notretemps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 04:00:12 GMT
x-amz-version-id: .QDpwMXxCah1i1v6uq0LLG92tacZ2yEJ
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 49836
x-cache: Hit from cloudfront
x-amz-meta-ctime: 1665491294
x-amz-meta-mode: 33204
content-length: 61924
last-modified: Tue, 11 Oct 2022 12:28:15 GMT
server: AmazonS3
etag: "b19e1924126a516fa3fad192d61a8d44"
x-amz-meta-uid: 10680
content-type: image/jpeg
x-amz-meta-gid: 10000
cache-control: max-age=31536000, public
x-amz-cf-id: 4JlE-_TLzfnD9R2lFoBynI-6Lo1L3r1qmn2FJwBX_xZAKG6CUmnhqw==
x-amz-meta-mtime: 1665491294

GET
H2 200 tps5-img-03b-septembre-2022.jpg
static.bayard.io/boutique.notretemps.com/prospnotretemps/2022/rentree_22/T5/ 28 KB
29 KB 35ms
10ms Image
image/jpeg 52.222.236.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bayard.io/boutique.notretemps.com/prospnotretemps/2022/rentree_22/T5/tps5-img-03b-septembre-2022.jpg
Requested by: Host: m.prod1.emailing.notretemps.com
URL: https://m.prod1.emailing.notretemps.com/nl/jsp/m.jsp?c=xHq2BhSBjPgnce9YVRhGqrN4HxsN%2FJSr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-102.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 35d2c2f5ed54cddbd6c672a3ed845ebafdd033646ff9771a2fc5f3df8865485b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.prod1.emailing.notretemps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 04:00:18 GMT
x-amz-version-id: suYUyQB4neWUF.hPtoEEwGuBMYU62aGZ
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 49830
x-cache: Hit from cloudfront
x-amz-meta-ctime: 1665560761
x-amz-meta-mode: 33204
content-length: 28885
last-modified: Wed, 12 Oct 2022 07:47:58 GMT
server: AmazonS3
etag: "39dc2b421f20497924e605d2ac75b3ec"
x-amz-meta-uid: 10680
content-type: image/jpeg
x-amz-meta-gid: 10000
cache-control: max-age=31536000, public
x-amz-cf-id: k9lcPV72PbokpbbUrBmMafb1b0qACXLb2aoeIh5joY3MC7P_twkJIA==
x-amz-meta-mtime: 1665560761

GET
H2 200 tps5-img-04-septembre-2022.jpg
static.bayard.io/boutique.notretemps.com/prospnotretemps/2022/rentree_22/T5/ 59 KB
59 KB 42ms
17ms Image
image/jpeg 52.222.236.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bayard.io/boutique.notretemps.com/prospnotretemps/2022/rentree_22/T5/tps5-img-04-septembre-2022.jpg
Requested by: Host: m.prod1.emailing.notretemps.com
URL: https://m.prod1.emailing.notretemps.com/nl/jsp/m.jsp?c=xHq2BhSBjPgnce9YVRhGqrN4HxsN%2FJSr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-102.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5eded45443b0bc254915cee7673c1c61235cc109f8c7dc0e9e0f8c1d85aae7fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.prod1.emailing.notretemps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 04:00:18 GMT
x-amz-version-id: ZUCJrfDHOmIKiQ6dqo1l4EEN.ivU1qbc
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 49830
x-cache: Hit from cloudfront
x-amz-meta-ctime: 1665491294
x-amz-meta-mode: 33204
content-length: 60363
last-modified: Tue, 11 Oct 2022 12:28:15 GMT
server: AmazonS3
etag: "e4fc293273f6a4a5e2f486d67a2cabac"
x-amz-meta-uid: 10680
content-type: image/jpeg
x-amz-meta-gid: 10000
cache-control: max-age=31536000, public
x-amz-cf-id: 4cQQltDALHRulqiH7wxYTvSFk8cnXmKA6mf1a6fBSZiRhEH1hJE9hQ==
x-amz-meta-mtime: 1665491294

GET
H2 200 tps5-img-08-septembre-2022.png
static.bayard.io/boutique.notretemps.com/prospnotretemps/2022/rentree_22/T5/ 5 KB
5 KB 41ms
16ms Image
image/png 52.222.236.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bayard.io/boutique.notretemps.com/prospnotretemps/2022/rentree_22/T5/tps5-img-08-septembre-2022.png
Requested by: Host: m.prod1.emailing.notretemps.com
URL: https://m.prod1.emailing.notretemps.com/nl/jsp/m.jsp?c=xHq2BhSBjPgnce9YVRhGqrN4HxsN%2FJSr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-102.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 35036dea8319d64715c56e0860fada3d266ca436ae67f0ec30bace924e4c2439

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.prod1.emailing.notretemps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 04:00:18 GMT
x-amz-version-id: 0h3K5xtnFR105ppBhR23_TT6F3qufaDm
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 49830
x-cache: Hit from cloudfront
x-amz-meta-ctime: 1665491296
x-amz-meta-mode: 33204
content-length: 5065
last-modified: Tue, 11 Oct 2022 12:28:17 GMT
server: AmazonS3
etag: "4322f567d6a7eb1f857fa07f97688460"
x-amz-meta-uid: 10680
content-type: image/png
x-amz-meta-gid: 10000
cache-control: max-age=31536000, public
x-amz-cf-id: h1RwaGUxbGEs41tvaxUxbz3lDXB3wSmutdA_Zix6SArbK_yTjko57w==
x-amz-meta-mtime: 1665491296

GET
H2 200 tps5-img-05-septembre-2022.jpg
static.bayard.io/boutique.notretemps.com/prospnotretemps/2022/rentree_22/T5/ 55 KB
56 KB 40ms
15ms Image
image/jpeg 52.222.236.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bayard.io/boutique.notretemps.com/prospnotretemps/2022/rentree_22/T5/tps5-img-05-septembre-2022.jpg
Requested by: Host: m.prod1.emailing.notretemps.com
URL: https://m.prod1.emailing.notretemps.com/nl/jsp/m.jsp?c=xHq2BhSBjPgnce9YVRhGqrN4HxsN%2FJSr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-102.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8cb4f9bca587ede2c17cb5456c7c93cda3cfc170920fd70f439ece206add55c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.prod1.emailing.notretemps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 04:00:18 GMT
x-amz-version-id: Ok5lpXug2XCEjYEgg5Ryl.8LhnKP72W.
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 49830
x-cache: Hit from cloudfront
x-amz-meta-ctime: 1665491295
x-amz-meta-mode: 33204
content-length: 56763
last-modified: Tue, 11 Oct 2022 12:28:16 GMT
server: AmazonS3
etag: "46ffccaca1865a8917e8a972ee2aac18"
x-amz-meta-uid: 10680
content-type: image/jpeg
x-amz-meta-gid: 10000
cache-control: max-age=31536000, public
x-amz-cf-id: 43yvJOFBHJThGHl7YOCCX9fFUjrEu-Bg4lWaWMqMyUIdmAYaIokn3w==
x-amz-meta-mtime: 1665491295

GET
H2 200 tps5-img-06-septembre-2022.png
static.bayard.io/boutique.notretemps.com/prospnotretemps/2022/rentree_22/T5/ 12 KB
13 KB 24ms
24ms Image
image/png 52.222.236.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bayard.io/boutique.notretemps.com/prospnotretemps/2022/rentree_22/T5/tps5-img-06-septembre-2022.png
Requested by: Host: m.prod1.emailing.notretemps.com
URL: https://m.prod1.emailing.notretemps.com/nl/jsp/m.jsp?c=xHq2BhSBjPgnce9YVRhGqrN4HxsN%2FJSr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-102.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f59db23e938315486f05dae2c29d4815238404fa6fcfdf04d484cfea1fbdd9fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.prod1.emailing.notretemps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 04:00:18 GMT
x-amz-version-id: 4.fi0WrWhim.x1R4lULK9B8XFTW3sbCE
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 49830
x-cache: Hit from cloudfront
x-amz-meta-ctime: 1665491297
x-amz-meta-mode: 33204
content-length: 12416
last-modified: Tue, 11 Oct 2022 12:28:18 GMT
server: AmazonS3
etag: "45ecfc10e4047317eb8635db8aa2bb1d"
x-amz-meta-uid: 10680
content-type: image/png
x-amz-meta-gid: 10000
cache-control: max-age=31536000, public
x-amz-cf-id: iXlvuVsNGIO3LVX4i96QjUj0cCFX9nqhZbA46cOYAp0B5rZTKVXqYQ==
x-amz-meta-mtime: 1665491297

GET
H2 200 tps5-img-07-septembre-2022.png
static.bayard.io/boutique.notretemps.com/prospnotretemps/2022/rentree_22/T5/ 7 KB
8 KB 24ms
24ms Image
image/png 52.222.236.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bayard.io/boutique.notretemps.com/prospnotretemps/2022/rentree_22/T5/tps5-img-07-septembre-2022.png
Requested by: Host: m.prod1.emailing.notretemps.com
URL: https://m.prod1.emailing.notretemps.com/nl/jsp/m.jsp?c=xHq2BhSBjPgnce9YVRhGqrN4HxsN%2FJSr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-102.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e04d365dd421c99c57d3612ebc365df48639a738b4a15b94c69845c2e0c2ea0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.prod1.emailing.notretemps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 04:00:18 GMT
x-amz-version-id: E_z2VByJQpL0gjBqvnYmz51_JDW75GFm
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 49830
x-cache: Hit from cloudfront
x-amz-meta-ctime: 1665491293
x-amz-meta-mode: 33204
content-length: 7381
last-modified: Tue, 11 Oct 2022 12:28:14 GMT
server: AmazonS3
etag: "28c8419fe2eeb9f9d2f242f4f8bc026f"
x-amz-meta-uid: 10680
content-type: image/png
x-amz-meta-gid: 10000
cache-control: max-age=31536000, public
x-amz-cf-id: 0A3R94UEgawpCl1V8s3ITNGhYGoJ_TfQxDcGWBnpWk5A_gWFpqjIGg==
x-amz-meta-mtime: 1665491293

GET
H2 200 /
t.prod1.emailing.notretemps.com/r/ 44 B
171 B 31ms
31ms Image
image/gif 52.31.152.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.prod1.emailing.notretemps.com/r/?id=h60c89ef0,5d7c69ab,1
Requested by: Host: m.prod1.emailing.notretemps.com
URL: https://m.prod1.emailing.notretemps.com/nl/jsp/m.jsp?c=xHq2BhSBjPgnce9YVRhGqrN4HxsN%2FJSr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.152.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-152-147.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 2e09cc2e7dde2d5636fe0bed0d424e497967fbcbfbc380ff278d856b068abf5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.prod1.emailing.notretemps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 17:50:47 GMT
cache-control: no-cache
server: Apache
x-robots-tag: noindex
content-length: 44
content-type: image/gif

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 132ms
41ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://m.prod1.emailing.notretemps.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 01:41:22 GMT
x-content-type-options: nosniff
age: 317365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 01:41:22 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.notretemps.com/	1970-01-20 16:23:09	Name: uuid230 Value: ecc4ab43-7ad7-483c-8de5-9965169e2551
.notretemps.com/	1969-12-31 23:59:59	Name: nlid Value: 60c89ef0\|5d7c69ab
.notretemps.com/	1970-01-20 16:23:09	Name: nllastdelid Value: 5d7c69ab

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'none'
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
m.prod1.emailing.notretemps.com
static.bayard.io
t.prod1.emailing.notretemps.com
2a00:1450:4001:809::2003
2a00:1450:4001:80f::200a
52.222.236.102
52.31.152.147
2e09cc2e7dde2d5636fe0bed0d424e497967fbcbfbc380ff278d856b068abf5f
35036dea8319d64715c56e0860fada3d266ca436ae67f0ec30bace924e4c2439
35d2c2f5ed54cddbd6c672a3ed845ebafdd033646ff9771a2fc5f3df8865485b
3d182c105eae56caf09e2244c422a48edec71d60cf9ccb3e08ef64f332b8cb6e
5eded45443b0bc254915cee7673c1c61235cc109f8c7dc0e9e0f8c1d85aae7fa
8cb4f9bca587ede2c17cb5456c7c93cda3cfc170920fd70f439ece206add55c2
8eadd52c6e936d557654d48d89b360532cc2985152f4f660f803c0aeacb5ad78
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
e04d365dd421c99c57d3612ebc365df48639a738b4a15b94c69845c2e0c2ea0e
e348cc4c328f9915c3b7b87a0a9659e0b2389ce112151c13f30af26cec748a6f
e851b415d7c57f3e25f09374ba7efc41d3199ddf3cb9c8b6e0b8671a54f598f1
ee1a274ddc50cb76da9c6fe1a12e2c7b89ce1b5373e03b7718701942d7085998
f59db23e938315486f05dae2c29d4815238404fa6fcfdf04d484cfea1fbdd9fe

m.prod1.emailing.notretemps.com Open in urlscan Pro 52.31.152.147 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

50 %IPv6

4 Domains

5 Subdomains

4 IPs

3 Countries

406 kBTransfer

442 kBSize

3 Cookies

16 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

m.prod1.emailing.notretemps.com Open in urlscan Pro
52.31.152.147 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

406 kB
Transfer

442 kB
Size

3
Cookies

13 HTTP transactions
0 data transactions