urlscan.io logo urlscan.io
SecurityTrails logo

www.notretemps.com Open in urlscan Pro
18.164.124.71  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.prod1.emailing.notretemps.com/r/?id=hb1089b2a,552d4e06,8015a4c4&p1=RswMPw54JxZ4F+g7VxN0NDlRCBrofqT5xhiuJNen6cz8Dk07SzrPJg==&p2...
Effective URL: https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=e...
Submission: On October 22 via api from BE — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 5 domains to perform 27 HTTP transactions. The main IP is 18.164.124.71, located in United States and belongs to AMAZON-02, US. The main domain is www.notretemps.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on January 20th 2024. Valid for: a year.
This is the only time www.notretemps.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 63.33.105.123 16509 (AMAZON-02)
1 2 108.156.107.109 16509 (AMAZON-02)
15 18.164.124.71 16509 (AMAZON-02)
3 217.70.188.223 29169 (GANDI-AS ...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2600:9000:24f... 16509 (AMAZON-02)
1 18.165.242.40 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 57.129.37.212 16276 (OVH)
27 8
1    63.33.105.123 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-105-123.eu-west-1.compute.amazonaws.com
t.prod1.emailing.notretemps.com
2    108.156.107.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-107-109.ord56.r.cloudfront.net
sso.notretemps.com
15    18.164.124.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-71.jfk50.r.cloudfront.net
www.notretemps.com
3    217.70.188.223 (France)

ASN29169 (GANDI-AS Domain name registrar - www.gandi.net, FR)
PTR: xvm-188-223.dc0.ghst.net
www.wysistat.com
1    2607:f8b0:4004:c17::9b (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2600:9000:24f5:7800:a:9c85:8d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
t.notretemps.com
1    18.165.242.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-242-40.lhr61.r.cloudfront.net
notretemps.com
1    2606:4700:3033::6815:325a (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
3    57.129.37.212 (France)

ASN16276 (OVH, FR)
PTR: ns3219428.ip-57-129-37.eu
events.newsroom.bi
Apex Domain
Subdomains		 Transfer
21 notretemps.com
t.prod1.emailing.notretemps.com
sso.notretemps.com
www.notretemps.com
t.notretemps.com
notretemps.com
1 MB
3 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 7140
2 KB
3 wysistat.com
www.wysistat.com — Cisco Umbrella Rank: 100724
6 KB
1 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 8744
46 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
24 B
27 5
Domain Requested by
15 www.notretemps.com www.notretemps.com
3 events.newsroom.bi sdk.mrf.io
3 www.wysistat.com www.notretemps.com
www.wysistat.com
2 t.notretemps.com www.notretemps.com
2 sso.notretemps.com 1 redirects www.notretemps.com
1 sdk.mrf.io www.notretemps.com
1 notretemps.com t.notretemps.com
1 pagead2.googlesyndication.com www.notretemps.com
1 t.prod1.emailing.notretemps.com 1 redirects
27 9

This site contains no links.

Subject Issuer Validity Valid
notretemps.com
Amazon RSA 2048 M03		 2024-01-20 -
2025-02-16		 a year crt.sh
sso.notretemps.com
Amazon RSA 2048 M02		 2024-10-10 -
2025-11-08		 a year crt.sh
www.wysistat.com
Gandi RSA Domain Validation Secure Server CA 3		 2024-05-28 -
2025-06-28		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
t.notretemps.com
Amazon RSA 2048 M02		 2024-07-16 -
2025-08-14		 a year crt.sh
sdk.mrf.io
WE1		 2024-09-20 -
2024-12-19		 3 months crt.sh
ssl03.cert.cl15.k8s.mrf.io
E6		 2024-10-18 -
2025-01-16		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux
Frame ID: BDB79B4F2FCBE684AE4018FF4184A9BC
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Not Found

Page URL History Show full URLs

  1. https://t.prod1.emailing.notretemps.com/r/?id=hb1089b2a,552d4e06,8015a4c4&p1=RswMPw54JxZ4F+g7VxN0NDlRCBrofqT5xhiuJNe... HTTP 302
    https://sso.notretemps.com/auth/realms/bayard/autologin/?key=RswMPw54JxZ4F%2Bg7VxN0NDlRCBrofqT5xhiuJNen... HTTP 302
    https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-gril... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->

Page Statistics

27
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

9
Subdomains

8
IPs

3
Countries

1336 kB
Transfer

2723 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.prod1.emailing.notretemps.com/r/?id=hb1089b2a,552d4e06,8015a4c4&p1=RswMPw54JxZ4F+g7VxN0NDlRCBrofqT5xhiuJNen6cz8Dk07SzrPJg==&p2=NLNTE_EditoAll_93-2279-241022&p3=Optin_NTEEdito&p4=20241022 HTTP 302
    https://sso.notretemps.com/auth/realms/bayard/autologin/?key=RswMPw54JxZ4F%2Bg7VxN0NDlRCBrofqT5xhiuJNen6cz8Dk07SzrPJg%3D%3D&redirect_uri=https%3A%2F%2Fwww.notretemps.com%2Fjeux%2Fjeux-en-ligne%2Fmots-melanges%2Fmots-melanges-gratuits-22-octobre-2024-grille-3862%3Futm_medium%253Demail%2526utm_source%253Dnewsletter%2526utm_campaign%253DNLNTE_EditoAll_93-2279-241022%2526utm_content%253DOptin_NTEEdito%2B20241022%2526interest%253Dnte_jeux HTTP 302
    https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mots-melanges-gratuits-22-octobre-2024-grille-3862
www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/
Redirect Chain
  • https://t.prod1.emailing.notretemps.com/r/?id=hb1089b2a,552d4e06,8015a4c4&p1=RswMPw54JxZ4F+g7VxN0NDlRCBrofqT5xhiuJNen6cz8Dk07SzrPJg==&p2=NLNTE_EditoAll_93-2279-241022&p3=Optin_NTEEdito&p4=20241022
  • https://sso.notretemps.com/auth/realms/bayard/autologin/?key=RswMPw54JxZ4F%2Bg7VxN0NDlRCBrofqT5xhiuJNen6cz8Dk07SzrPJg%3D%3D&redirect_uri=https%3A%2F%2Fwww.notretemps.com%2Fjeux%2Fjeux-en-ligne%2Fmo...
  • https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_...
7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-71.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
0abe06165e46b4ea3d131cd4b8132462764dad1be38703a2dbc23bccd9a501cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Tue, 22 Oct 2024 05:17:59 GMT
server
nginx
tdm-reservation
1
via
1.1 2ea9039b9f2f8786d91875568c2764d6.cloudfront.net (CloudFront)
x-amz-cf-id
urVp55j9agz6vh0TlbLeCuVwUnkB8aop8SHYWYjLQvEaQ8EaJIfBfQ==
x-amz-cf-pop
JFK50-P7
x-cache
Error from cloudfront

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Connection, Accept, Content-Type, Content-length, Authorization, Origin, X-Api-Key, X-Requested-With, X-Orange-Alias
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, PATCH
access-control-allow-origin
*
access-control-expose-headers
Authorization, X-Total-Count
alt-svc
h3=":443"; ma=86400
content-type
text/html; charset=UTF-8
date
Tue, 22 Oct 2024 05:17:58 GMT
location
https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito 20241022&interest=nte_jeux
server
nginx
via
1.1 a450e0b351a4029873d490939b4bf594.cloudfront.net (CloudFront)
x-amz-cf-id
KRFZiVTvLMGD5TQy5LWBatfe5vV7N6U1poLh27TVQ9O1sLS9CwoRRw==
x-amz-cf-pop
ORD56-P2
x-cache
Miss from cloudfront
notretemps.css
www.notretemps.com/css/ 		289 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/css/notretemps.css?version=1.0.80
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-71.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
0af0fc4c1de76ff7fa5ff274dce26152717ccf227ec57b2cac6fe84af29ba4cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux

Response headers

cache-control
max-age=31104000, public
content-encoding
gzip
etag
W/"6711380e-483e3"
age
391889
via
1.1 2ea9039b9f2f8786d91875568c2764d6.cloudfront.net (CloudFront)
access-control-allow-origin
quiz.notretemps.com
x-cache
Hit from cloudfront
x-amz-cf-id
Lr1bRylKBbGW2S5ChwVWU_NdMA8M_2vMGicXQyGXSqMKhAumRxY-xw==
date
Thu, 17 Oct 2024 16:26:30 GMT
content-type
text/css
last-modified
Thu, 17 Oct 2024 16:15:10 GMT
server
nginx
x-amz-cf-pop
JFK50-P7
app.js
www.notretemps.com/js/ 		258 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/js/app.js?version=1.0.80
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-71.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
145b684203c44b40849075bcb83ccb7072e5d3b59d280cdf145da2ec4418de99

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux

Response headers

cache-control
max-age=31104000, public
content-encoding
gzip
etag
W/"6711380f-406b8"
age
391901
via
1.1 2ea9039b9f2f8786d91875568c2764d6.cloudfront.net (CloudFront)
access-control-allow-origin
quiz.notretemps.com
x-cache
Hit from cloudfront
x-amz-cf-id
DAMHF97s6kgFGTd-4Js-TMxFkSioy30a-tLxYi0bIh4Jo3nh6A5nhQ==
date
Thu, 17 Oct 2024 16:26:18 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 16:15:11 GMT
server
nginx
x-amz-cf-pop
JFK50-P7
keycloak.min.js
sso.notretemps.com/auth/js/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso.notretemps.com/auth/js/keycloak.min.js
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.107.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-107-109.ord56.r.cloudfront.net
Software
nginx /
Resource Hash
e8da39a835718cf509623f39398d0c9e18f049898c4af01615bac1d1385a0a3a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/

Response headers

access-control-expose-headers
Authorization, X-Total-Count
content-encoding
gzip
etag
W/"61fadcfa-82cc"
age
56983
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
B5-Ma5qv0mpA4BMZZNRhhunjuoW3YqMGnKSXt1XsEOuFp4R2oXzScw==
date
Mon, 21 Oct 2024 13:28:16 GMT
content-type
application/javascript
last-modified
Wed, 02 Feb 2022 19:35:22 GMT
access-control-allow-headers
Connection, Accept, Content-Type, Content-length, Authorization, Origin, X-Api-Key, X-Requested-With, X-Orange-Alias
access-control-allow-credentials
true
via
1.1 a450e0b351a4029873d490939b4bf594.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
ORD56-P2
server
nginx
inter-regular.woff2
www.notretemps.com/fonts/inter/ 		97 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/fonts/inter/inter-regular.woff2
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-71.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
d159867237e01505e63cbf54cd877e25badb9c4c3cc1039d3a2d3ed2c0447085

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.notretemps.com
Referer
https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux

Response headers

cache-control
max-age=31104000, public
etag
"66fd0c06-185e0"
age
1714030
via
1.1 2ea9039b9f2f8786d91875568c2764d6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
quiz.notretemps.com
x-cache
Hit from cloudfront
content-length
99808
x-amz-cf-id
5SmEch0UELqyptDAwx0go3wn2uSCBPlN_Gifm8Yfh6podbvQhfbE9w==
date
Wed, 02 Oct 2024 09:10:49 GMT
content-type
application/font-woff2
last-modified
Wed, 02 Oct 2024 09:01:58 GMT
server
nginx
x-amz-cf-pop
JFK50-P7
inter-light.woff2
www.notretemps.com/fonts/inter/ 		104 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/fonts/inter/inter-light.woff2
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-71.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
bb4a3ec3b72168ab3203030861c0ca924177945d396a2a3f85db50fa14c698ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.notretemps.com
Referer
https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux

Response headers

cache-control
max-age=31104000, public
etag
"66fd0c06-19fc8"
age
1714030
via
1.1 2ea9039b9f2f8786d91875568c2764d6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
quiz.notretemps.com
x-cache
Hit from cloudfront
content-length
106440
x-amz-cf-id
BsBXLFmqtz_klMA4qp_VeOfzTdXw7SsbfPkLLyP1I6a9K1oxi_OOrA==
date
Wed, 02 Oct 2024 09:10:49 GMT
content-type
application/font-woff2
last-modified
Wed, 02 Oct 2024 09:01:58 GMT
server
nginx
x-amz-cf-pop
JFK50-P7
inter-medium.woff2
www.notretemps.com/fonts/inter/ 		105 KB
106 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/fonts/inter/inter-medium.woff2
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-71.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
76f810d32d84c2aaf2d777d0950764a4976bddaa22ba81c2de26c171767c9c54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.notretemps.com
Referer
https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux

Response headers

cache-control
max-age=31104000, public
etag
"66fd0c06-1a528"
age
1714032
via
1.1 2ea9039b9f2f8786d91875568c2764d6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
quiz.notretemps.com
x-cache
Hit from cloudfront
content-length
107816
x-amz-cf-id
vcAXYcUgIZMhclLMNzW9_yleXaGRsjrrE628Kdig44M1Ae5rsSl0Eg==
date
Wed, 02 Oct 2024 09:10:47 GMT
content-type
application/font-woff2
last-modified
Wed, 02 Oct 2024 09:01:58 GMT
server
nginx
x-amz-cf-pop
JFK50-P7
inter-semibold.woff2
www.notretemps.com/fonts/inter/ 		106 KB
106 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/fonts/inter/inter-semibold.woff2
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-71.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
4f6466a8bd04bc37861af1d2630cb2c3f3a55b63f86611a9d9ddbc7348be1f1c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.notretemps.com
Referer
https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux

Response headers

cache-control
max-age=31104000, public
etag
"66fd0c06-1a724"
age
1714030
via
1.1 2ea9039b9f2f8786d91875568c2764d6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
quiz.notretemps.com
x-cache
Hit from cloudfront
content-length
108324
x-amz-cf-id
_pKMZWtje6OIg57J1vtdXi2X-aJSgAKLKInfnk4bZRuYdt5nDGmrYw==
date
Wed, 02 Oct 2024 09:10:49 GMT
content-type
application/font-woff2
last-modified
Wed, 02 Oct 2024 09:01:58 GMT
server
nginx
x-amz-cf-pop
JFK50-P7
inter-bold.woff2
www.notretemps.com/fonts/inter/ 		106 KB
107 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/fonts/inter/inter-bold.woff2
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-71.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
b275913f02873d0cd13872bab81abb5585a6efd1f24103ad32b3cd39e2039678

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.notretemps.com
Referer
https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux

Response headers

cache-control
max-age=31104000, public
etag
"66fd0c06-1a824"
age
1714030
via
1.1 2ea9039b9f2f8786d91875568c2764d6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
quiz.notretemps.com
x-cache
Hit from cloudfront
content-length
108580
x-amz-cf-id
DhEzuqi6QIE-24_hesBady6sZFaZ1C6cL9cYoDjY_N6GDj1g8Uk2Zg==
date
Wed, 02 Oct 2024 09:10:49 GMT
content-type
application/font-woff2
last-modified
Wed, 02 Oct 2024 09:01:58 GMT
server
nginx
x-amz-cf-pop
JFK50-P7
inter-extrabold.woff2
www.notretemps.com/fonts/inter/ 		106 KB
106 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/fonts/inter/inter-extrabold.woff2
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-71.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
7d58acd43d195a78a4667e3c472660c87b7891722d15f92ef09aea3eed4d656b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.notretemps.com
Referer
https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux

Response headers

cache-control
max-age=31104000, public
etag
"66fd0c06-1a770"
age
1714033
via
1.1 2ea9039b9f2f8786d91875568c2764d6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
quiz.notretemps.com
x-cache
Hit from cloudfront
content-length
108400
x-amz-cf-id
ajcJ79Uf46p7t02Un9rbOwzcw-7mkUYUmOcgOcK95OyLxwFx6GIflA==
date
Wed, 02 Oct 2024 09:10:46 GMT
content-type
application/font-woff2
last-modified
Wed, 02 Oct 2024 09:01:58 GMT
server
nginx
x-amz-cf-pop
JFK50-P7
inter-black.woff2
www.notretemps.com/fonts/inter/ 		102 KB
103 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/fonts/inter/inter-black.woff2
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-71.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
9505c350689a90d161ed038f5ba854de008e0014381cf9a5c875006bfb932c12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.notretemps.com
Referer
https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux

Response headers

cache-control
max-age=31104000, public
etag
"66fd0c06-198cc"
age
1714030
via
1.1 2ea9039b9f2f8786d91875568c2764d6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
quiz.notretemps.com
x-cache
Hit from cloudfront
content-length
104652
x-amz-cf-id
OIBhtiO50KQcT7IeyqfXwPpA-TD7FbeuIInmi6_ZvnNIhh-BWwdJgw==
date
Wed, 02 Oct 2024 09:10:49 GMT
content-type
application/font-woff2
last-modified
Wed, 02 Oct 2024 09:01:58 GMT
server
nginx
x-amz-cf-pop
JFK50-P7
ads.js
www.notretemps.com/js/ 		239 B
579 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/js/ads.js?version=1.0.80
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-71.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
ceb7ba778ddd9852be3ad105c24f30ab2553266a1b78ad8733d76a53c19619bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux

Response headers

cache-control
max-age=31104000, public
content-encoding
gzip
etag
W/"6711380f-ef"
age
391907
via
1.1 2ea9039b9f2f8786d91875568c2764d6.cloudfront.net (CloudFront)
access-control-allow-origin
quiz.notretemps.com
x-cache
Hit from cloudfront
x-amz-cf-id
S2IcULc0cwroahhXj3za6RN22UB0KGVIe2jSMQgKCwx1KgclCuQtfA==
date
Thu, 17 Oct 2024 16:26:12 GMT
content-type
application/javascript
last-modified
Thu, 17 Oct 2024 16:15:11 GMT
server
nginx
x-amz-cf-pop
JFK50-P7
ws.jsa
www.wysistat.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wysistat.com/ws.jsa
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.70.188.223 , France, ASN29169 (GANDI-AS Domain name registrar - www.gandi.net, FR),
Reverse DNS
xvm-188-223.dc0.ghst.net
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
d2567969574cfef6e14b1d8cd7cd09e9bbd18189d24e7a7ccc8892bdb79ff699

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/

Response headers

ETag
"b89-60f4a94033732"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2953
Keep-Alive
timeout=5, max=100
Date
Tue, 22 Oct 2024 05:18:00 GMT
Last-Modified
Fri, 19 Jan 2024 11:14:05 GMT
Server
Apache/2.4.58 (Ubuntu)
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/js/ads.js?version=1.0.80
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/

Response headers

content-encoding
br
etag
9042086692756228922
x-content-type-options
nosniff
expires
Tue, 22 Oct 2024 05:17:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 22 Oct 2024 05:17:59 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53095
x-xss-protection
0
server
cafe
gtm.js
t.notretemps.com/ 		393 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.notretemps.com/gtm.js?id=GTM-KP37JNG
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f5:7800:a:9c85:8d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1b0346e2a7ba2ef0804745d4d5c228079142b9e8556578f68a2dd0969fcabde1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/

Response headers

cache-control
private, max-age=900
content-encoding
gzip
via
1.1 305fa1d7f9df4e42edba1bba6d0ebb56.cloudfront.net (CloudFront)
expires
Tue, 22 Oct 2024 05:32:01 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
C89RE4EXpFUuaokn9uq5EbvVyqH8X6tLk9M8UxJWeTt5Ti1nwjPdQw==
date
Tue, 22 Oct 2024 05:18:00 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 22 Oct 2024 03:00:00 GMT
server
nginx
x-amz-cf-pop
IAD55-P4
vary
Accept-Encoding
gtm.js
t.notretemps.com/ 		404 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.notretemps.com/gtm.js?id=GTM-PQ9M68D
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f5:7800:a:9c85:8d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
aaac1f5832b2b952d29f7b810bad279d9902b7586a09bba8dcbc28909c91874b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/

Response headers

cache-control
private, max-age=900
content-encoding
gzip
via
1.1 305fa1d7f9df4e42edba1bba6d0ebb56.cloudfront.net (CloudFront)
expires
Tue, 22 Oct 2024 05:32:43 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
Cbymdrc0ggjZL2pvS9a1pdIWmHieDNXULYR1ecC0sN9krH_H3BvX3g==
date
Tue, 22 Oct 2024 05:18:00 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 22 Oct 2024 03:00:00 GMT
server
nginx
x-amz-cf-pop
IAD55-P4
vary
Accept-Encoding
logo.svg
www.notretemps.com/images/notretemps/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.notretemps.com/images/notretemps/logo.svg
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-71.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
6f8dbb1f90143a56d5180680e0be1be01a66da2be11bdb9e6133d09fba58e615

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux

Response headers

cache-control
max-age=31104000, public
content-encoding
gzip
etag
W/"66fd0c06-a0b"
age
1714026
via
1.1 2ea9039b9f2f8786d91875568c2764d6.cloudfront.net (CloudFront)
access-control-allow-origin
quiz.notretemps.com
x-cache
Hit from cloudfront
x-amz-cf-id
XbckY5FCVBCpDUcUqZMYip9OX13dATsJS5tH6S2pXc_LSk1b1HT0aA==
date
Wed, 02 Oct 2024 09:10:53 GMT
content-type
image/svg+xml
last-modified
Wed, 02 Oct 2024 09:01:58 GMT
server
nginx
x-amz-cf-pop
JFK50-P7
error.jpg
www.notretemps.com/images/notretemps/ 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.notretemps.com/images/notretemps/error.jpg
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-71.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
bad4ac8ffa619d587e89b833baca95d30843a5f44205e8953f3e8d1e86be1752

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux

Response headers

cache-control
max-age=31104000, public
etag
"66fd2117-1b225"
age
1708209
via
1.1 2ea9039b9f2f8786d91875568c2764d6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
quiz.notretemps.com
x-cache
Hit from cloudfront
content-length
111141
x-amz-cf-id
wdqU7lngSuG9ihdFMn1ja6ebi8eB0jByHpXUJb0iIEzEV4PcfNOxIQ==
date
Wed, 02 Oct 2024 10:47:50 GMT
content-type
image/jpeg
last-modified
Wed, 02 Oct 2024 10:31:51 GMT
server
nginx
x-amz-cf-pop
JFK50-P7
statistique.js
www.wysistat.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wysistat.com/statistique.js
Requested by
Host: www.wysistat.com
URL: https://www.wysistat.com/ws.jsa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.70.188.223 , France, ASN29169 (GANDI-AS Domain name registrar - www.gandi.net, FR),
Reverse DNS
xvm-188-223.dc0.ghst.net
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
2328c29c1c100a298d8cdae2c9aa4e8b0ecd7d867f178d55abe8311fe0ef8024

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/

Response headers

Cache-Control
public, max-age=129600, must-revalidate
Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
2505
Keep-Alive
timeout=5, max=99
Date
Tue, 22 Oct 2024 05:18:00 GMT
Last-Modified
Fri, 03 Mar 2023 13:24:11 GMT
Vary
Accept-Encoding
Server
Apache/2.4.58 (Ubuntu)
Content-Type
application/x-javascript; charset=ISO8859-15
compteur.php
www.wysistat.com/images/notretemps/ 		43 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wysistat.com/images/notretemps/compteur.php?nom=notretemps&tps=018&ecran=1600x1200&origine=&origine_force=&frame=0&ParaWysistat=0&CompteurExtranet=0&consent=0&event=&SubAccount=&ParaPage=0&ParaProfiling=0&ParaCompte=0&ParaRoi=0&ojd_version=2&cookie=1&deja_cookie=0&id=0.20336763663185997_1729574280380&id_int=0.20336763663185997_1729574280380&compteur_mois=1&compteur_jour=1&deja_id=0&vu_diff_jour=0&vu_time_prec=1729574280&page_js=https%3A//www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DNLNTE_EditoAll_93-2279-241022%26utm_content%3DOptin_NTEEdito%252020241022%26interest%3Dnte_jeux
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.70.188.223 , France, ASN29169 (GANDI-AS Domain name registrar - www.gandi.net, FR),
Reverse DNS
xvm-188-223.dc0.ghst.net
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
872ffa9dc91dfe681b9be82cbb41cbcdc0985e77ab27e1583e38d84e1543cb74

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/

Response headers

Transfer-Encoding
chunked
Keep-Alive
timeout=5, max=98
Date
Tue, 22 Oct 2024 05:18:00 GMT
Content-Type
image/gif
Server
Apache/2.4.58 (Ubuntu)
Connection
Keep-Alive
js
notretemps.com/metrics/gtag/ 		324 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notretemps.com/metrics/gtag/js?id=G-59S2NR2W4V&l=dataLayer&cx=c&sign=20411bd8900e4b8e4655f98867cf85c478555932bf5de3d489a4e48d7d00fea9_20241022
Requested by
Host: t.notretemps.com
URL: https://t.notretemps.com/gtm.js?id=GTM-PQ9M68D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.242.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-242-40.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
22e52c3d50c19c3757923b317925ee88b8c6e17e9fed0c80b6cd2c25226081cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/

Response headers

cache-control
private, max-age=900
content-encoding
gzip
via
1.1 4a8197e6398e6e94f47dd8f27e4004a4.cloudfront.net (CloudFront)
expires
Tue, 22 Oct 2024 05:32:17 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
NsFj_CtCXZ1kh7nc6QWT3wECh8retgvSwslrQVUzRhKSoulLkW4FFg==
date
Tue, 22 Oct 2024 05:18:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
nginx
x-amz-cf-pop
LHR61-P6
marfeel-sdk.js
sdk.mrf.io/statics/ 		166 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=3303
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:325a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efe125e56b536c31e27d0c71f9dbd5175c027a3ea3a58b269a3b57962d0bc918

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.notretemps.com
Referer
https://www.notretemps.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
148
x-response-time
24ms
alt-svc
h3=":443"; ma=86400
date
Tue, 22 Oct 2024 05:18:00 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 22 Oct 2024 05:11:08 GMT
vary
Accept-Encoding
cache-control
max-age=1800
x-envoy-upstream-service-time
44
cf-ray
8d67063748680fa4-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
46452
server
cloudflare
ingest.php
events.newsroom.bi/ 		165 B
909 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=3303
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.129.37.212 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3219428.ip-57-129-37.eu
Software
istio-envoy /
Resource Hash
459ad44dd647d3544551e4ab7848cbfdd29799adac87a8a7e9767acb66e8fa79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.notretemps.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
content-encoding
gzip
x-envoy-upstream-service-time
2
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.notretemps.com
content-length
120
date
Tue, 22 Oct 2024 05:18:01 GMT
content-type
application/json
server
istio-envoy
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
rfv.php
events.newsroom.bi/data/ 		27 B
473 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/data/rfv.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=3303
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.129.37.212 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3219428.ip-57-129-37.eu
Software
istio-envoy /
Resource Hash
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.notretemps.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
content-encoding
gzip
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.notretemps.com
content-length
42
date
Tue, 22 Oct 2024 05:18:01 GMT
content-type
application/json
server
istio-envoy
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
favicon.ico
www.notretemps.com/ 		1 KB
910 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-71.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
12bbf6e3407e1e20b895a13cfadafe19692948d7c7393bd15397d9c019a7160e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux

Response headers

content-encoding
gzip
age
1714038
x-content-type-options
nosniff
expires
Fri, 01 Nov 2024 09:10:43 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
YdoRz4EqUvD2TwVomZIQGvhvUQyub-m8ooOomxZtUFnP09wckO8p-g==
date
Wed, 02 Oct 2024 09:10:43 GMT
content-type
image/vnd.microsoft.icon
last-modified
Wed, 02 Oct 2024 09:10:43 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
must-revalidate, public, s-maxage=2592000
x-backend
notretempsc203.cs.bayard.local
via
1.1 2ea9039b9f2f8786d91875568c2764d6.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
JFK50-P7
server
nginx
favicon-32x32.png
www.notretemps.com/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-71.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
13317fb2c79c947092a795a3efdcb5fc6991c513838a28044a59e273e5fe0ca6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux

Response headers

age
1714038
x-content-type-options
nosniff
expires
Fri, 01 Nov 2024 09:10:43 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
a96Z1mFw8V7EGZplUAHOfpMn4Gwys5FQDc3l6Ro8MrBUlNvp5mirUQ==
date
Wed, 02 Oct 2024 09:10:43 GMT
content-type
image/png
last-modified
Wed, 02 Oct 2024 09:10:43 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
must-revalidate, public, s-maxage=2592000
x-backend
notretempsc202.cs.bayard.local
via
1.1 2ea9039b9f2f8786d91875568c2764d6.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
JFK50-P7
server
nginx
ingest.php
events.newsroom.bi/ 		2 B
782 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=3303
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.129.37.212 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3219428.ip-57-129-37.eu
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.notretemps.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.notretemps.com
content-length
2
date
Tue, 22 Oct 2024 05:18:02 GMT
content-type
application/json
server
istio-envoy
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wsq object| dataLayer function| trim function| _wysistat function| _setNom function| _setFrame function| _setParaWysistat function| _setCompteurExtranet function| _setParaPage function| _setPage function| _setParaRoi function| _setParaProfiling function| _setParaCompte function| _setConsentCookie function| _setEvent function| _setSubAccount function| _reset function| _wstopn function| _setAccount function| _setTag function| _setID object| wsq object| wst string| v string| wscli number| wscook string| wsecr function| stat function| wysistat function| ws_getScreenSize function| ws_retVide function| ws_writeCook function| ws_readCook function| ws_majCook function| ws_isCookAccept function| storageAvailable function| ws_encode function| ws_getConsent number| valeur number| wysi object| google_tag_manager object| google_tag_data number| bayard_first_visit_ga string| pageType function| e function| t object| marfeel object| webpackChunk_marfeel_marfeel_sdk object| tp object| __mrfCompass object| googletag function| onYouTubeIframeAPIReady object| gaGlobal

20 Cookies

Domain/Path Name / Value
sso.notretemps.com/auth/realms/bayard/ Name: KEYCLOAK_IDENTITY
Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIyZDUxMWMxMy00ODVmLTRjNzAtOGMxMy02YTJhYjRmMmM1YzgifQ.eyJleHAiOjE3NjQxMzQyNzgsImlhdCI6MTcyOTU3NDI3OCwianRpIjoiZjY2ZTBkZDItZDJjNi00NTQ3LWE2ODUtOWZiMWJjNWZkMzg2IiwiaXNzIjoiaHR0cHM6Ly9zc28ubm90cmV0ZW1wcy5jb20vYXV0aC9yZWFsbXMvYmF5YXJkIiwic3ViIjoiNDJlZjRhNzAtODJhMC00MzgxLWE5YTYtNmVhYzQxMzdiYjEyIiwidHlwIjoiU2VyaWFsaXplZC1JRCIsInNlc3Npb25fc3RhdGUiOiI1NmViZjA4OS04ZDNlLTQ3MjctOWNiOS04NDU0NjVmZjE2NjEiLCJzaWQiOiI1NmViZjA4OS04ZDNlLTQ3MjctOWNiOS04NDU0NjVmZjE2NjEiLCJzdGF0ZV9jaGVja2VyIjoiM2k0eVBMRVlaRjQ4dHhaTXNTTXFpeWh6MVQyQmI1djlrbmVhM19QNkVXdyJ9.TwfhBMUMkn8vnx27tjWT5CHa3tQ5vjpM9AD454i5fDo
sso.notretemps.com/auth/realms/bayard/ Name: KEYCLOAK_IDENTITY_LEGACY
Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIyZDUxMWMxMy00ODVmLTRjNzAtOGMxMy02YTJhYjRmMmM1YzgifQ.eyJleHAiOjE3NjQxMzQyNzgsImlhdCI6MTcyOTU3NDI3OCwianRpIjoiZjY2ZTBkZDItZDJjNi00NTQ3LWE2ODUtOWZiMWJjNWZkMzg2IiwiaXNzIjoiaHR0cHM6Ly9zc28ubm90cmV0ZW1wcy5jb20vYXV0aC9yZWFsbXMvYmF5YXJkIiwic3ViIjoiNDJlZjRhNzAtODJhMC00MzgxLWE5YTYtNmVhYzQxMzdiYjEyIiwidHlwIjoiU2VyaWFsaXplZC1JRCIsInNlc3Npb25fc3RhdGUiOiI1NmViZjA4OS04ZDNlLTQ3MjctOWNiOS04NDU0NjVmZjE2NjEiLCJzaWQiOiI1NmViZjA4OS04ZDNlLTQ3MjctOWNiOS04NDU0NjVmZjE2NjEiLCJzdGF0ZV9jaGVja2VyIjoiM2k0eVBMRVlaRjQ4dHhaTXNTTXFpeWh6MVQyQmI1djlrbmVhM19QNkVXdyJ9.TwfhBMUMkn8vnx27tjWT5CHa3tQ5vjpM9AD454i5fDo
sso.notretemps.com/auth/realms/bayard/ Name: KEYCLOAK_SESSION
Value: bayard%2F42ef4a70-82a0-4381-a9a6-6eac4137bb12%2F56ebf089-8d3e-4727-9cb9-845465ff1661
sso.notretemps.com/auth/realms/bayard/ Name: KEYCLOAK_SESSION_LEGACY
Value: bayard%2F42ef4a70-82a0-4381-a9a6-6eac4137bb12%2F56ebf089-8d3e-4727-9cb9-845465ff1661
.notretemps.com/ Name: AMCV_551310525D816F350A495C48%40AdobeOrg
Value: MCMID%7C04323455642275676153510194170209763327
.notretemps.com/ Name: nlid
Value: b1089b2a|552d4e06
.notretemps.com/ Name: nllastdelid
Value: 552d4e06
sso.notretemps.com/ Name: AWSALB
Value: bvKL1GoqLUFxRPD2BH5%2B7tmcFI%2FFdRx%2F%2FJ0o8H%2FXBkCt4RkINQwjKuBCcO9Hoz0Z9%2F1N7bhsdjJ5RayIP54t0OYyceeaefwghsbxQKmjJYgxkuknqfQGL%2FiGn2%2Bw
sso.notretemps.com/ Name: AWSALBCORS
Value: bvKL1GoqLUFxRPD2BH5%2B7tmcFI%2FFdRx%2F%2FJ0o8H%2FXBkCt4RkINQwjKuBCcO9Hoz0Z9%2F1N7bhsdjJ5RayIP54t0OYyceeaefwghsbxQKmjJYgxkuknqfQGL%2FiGn2%2Bw
www.notretemps.com/ Name: Wysistat
Value: 0.20336763663185997_1729574280380%C3%AF%C2%BF%C5%931%C3%AF%C2%BF%C5%931729574280380%C3%AF%C2%BF%C5%931%C3%AF%C2%BF%C5%931729574280%C3%AF%C2%BF%C5%930.20336763663185997_1729574280380%C3%AF%C2%BF%C5%931763702280380
.notretemps.com/ Name: __utmzz
Value: utmcsr=newsletter|utmcmd=email|utmccn=NLNTE_EditoAll_93-2279-241022|utmcct=Optin_NTEEdito%2020241022
.notretemps.com/ Name: __utmzzses
Value: 1
.notretemps.com/ Name: __utmzzfirst
Value: utmcsr=newsletter|utmcmd=email|utmccn=NLNTE_EditoAll_93-2279-241022|utmcct=Optin_NTEEdito%2020241022
.notretemps.com/ Name: ___nrbic
Value: %7B%22isNewUser%22%3Atrue%2C%22previousVisit%22%3A1729574280%2C%22currentVisitStarted%22%3A1729574280%2C%22sessionId%22%3A%22cdf2bd17-e86c-4425-856a-1d28a3acaa9f%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DNLNTE_EditoAll_93-2279-241022%26utm_content%3DOptin_NTEEdito%252020241022%26interest%3Dnte_jeux%22%2C%22referrer%22%3A%22%22%2C%22lpti%22%3Anull%7D
.notretemps.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1729574280%2C%22userId%22%3A%221da3f98d-1018-4cd8-80c0-b965d5fc3731%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1729574280%2C%22timesVisited%22%3A1%7D
.notretemps.com/ Name: compass_uid
Value: 1da3f98d-1018-4cd8-80c0-b965d5fc3731
events.newsroom.bi/ Name: 3303_u
Value: 1da3f98d-1018-4cd8-80c0-b965d5fc3731
events.newsroom.bi/ Name: 3303_s
Value: cdf2bd17-e86c-4425-856a-1d28a3acaa9f
events.newsroom.bi/ Name: 3303_lv
Value: null
events.newsroom.bi/ Name: 3303_ut
Value: 0

1 Console Messages

Source Level URL
Text
network error URL: https://www.notretemps.com/jeux/jeux-en-ligne/mots-melanges/mots-melanges-gratuits-22-octobre-2024-grille-3862?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_93-2279-241022&utm_content=Optin_NTEEdito%2020241022&interest=nte_jeux
Message:
Failed to load resource: the server responded with a status of 410 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

events.newsroom.bi
notretemps.com
pagead2.googlesyndication.com
sdk.mrf.io
sso.notretemps.com
t.notretemps.com
t.prod1.emailing.notretemps.com
www.notretemps.com
www.wysistat.com
108.156.107.109
18.164.124.71
18.165.242.40
217.70.188.223
2600:9000:24f5:7800:a:9c85:8d80:93a1
2606:4700:3033::6815:325a
2607:f8b0:4004:c17::9b
57.129.37.212
63.33.105.123
0abe06165e46b4ea3d131cd4b8132462764dad1be38703a2dbc23bccd9a501cf
0af0fc4c1de76ff7fa5ff274dce26152717ccf227ec57b2cac6fe84af29ba4cc
12bbf6e3407e1e20b895a13cfadafe19692948d7c7393bd15397d9c019a7160e
13317fb2c79c947092a795a3efdcb5fc6991c513838a28044a59e273e5fe0ca6
145b684203c44b40849075bcb83ccb7072e5d3b59d280cdf145da2ec4418de99
1b0346e2a7ba2ef0804745d4d5c228079142b9e8556578f68a2dd0969fcabde1
22e52c3d50c19c3757923b317925ee88b8c6e17e9fed0c80b6cd2c25226081cb
2328c29c1c100a298d8cdae2c9aa4e8b0ecd7d867f178d55abe8311fe0ef8024
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
459ad44dd647d3544551e4ab7848cbfdd29799adac87a8a7e9767acb66e8fa79
4f6466a8bd04bc37861af1d2630cb2c3f3a55b63f86611a9d9ddbc7348be1f1c
6f8dbb1f90143a56d5180680e0be1be01a66da2be11bdb9e6133d09fba58e615
76f810d32d84c2aaf2d777d0950764a4976bddaa22ba81c2de26c171767c9c54
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7d58acd43d195a78a4667e3c472660c87b7891722d15f92ef09aea3eed4d656b
872ffa9dc91dfe681b9be82cbb41cbcdc0985e77ab27e1583e38d84e1543cb74
9505c350689a90d161ed038f5ba854de008e0014381cf9a5c875006bfb932c12
aaac1f5832b2b952d29f7b810bad279d9902b7586a09bba8dcbc28909c91874b
b275913f02873d0cd13872bab81abb5585a6efd1f24103ad32b3cd39e2039678
bad4ac8ffa619d587e89b833baca95d30843a5f44205e8953f3e8d1e86be1752
bb4a3ec3b72168ab3203030861c0ca924177945d396a2a3f85db50fa14c698ff
ceb7ba778ddd9852be3ad105c24f30ab2553266a1b78ad8733d76a53c19619bd
d159867237e01505e63cbf54cd877e25badb9c4c3cc1039d3a2d3ed2c0447085
d2567969574cfef6e14b1d8cd7cd09e9bbd18189d24e7a7ccc8892bdb79ff699
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8da39a835718cf509623f39398d0c9e18f049898c4af01615bac1d1385a0a3a
efe125e56b536c31e27d0c71f9dbd5175c027a3ea3a58b269a3b57962d0bc918