urlscan.io logo urlscan.io
SecurityTrails logo

www.notretemps.com Open in urlscan Pro
18.172.112.97  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.prod1.emailing.notretemps.com/r/?id=hbbf85f58,51eb4c1e,8018d0c7&p1=RswMPw54JxZ4F+g7VxN0NDlRCBrofqT55ugo8p1vS/zhPyE1qT2kvg==&p2...
Effective URL: https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&u...
Submission: On December 10 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 27 HTTP transactions. The main IP is 18.172.112.97, located in United States and belongs to AMAZON-02, US. The main domain is www.notretemps.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on January 20th 2024. Valid for: a year.
This is the only time www.notretemps.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.208.20.191 16509 (AMAZON-02)
1 2 65.9.66.29 16509 (AMAZON-02)
16 18.172.112.97 16509 (AMAZON-02)
3 57.128.80.55 16276 (OVH OVH SAS)
1 142.250.185.98 15169 (GOOGLE)
2 2600:9000:276... 16509 (AMAZON-02)
1 172.67.159.162 13335 (CLOUDFLAR...)
3 141.94.155.186 16276 (OVH OVH SAS)
27 7
1    52.208.20.191 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-20-191.eu-west-1.compute.amazonaws.com
t.prod1.emailing.notretemps.com
2    65.9.66.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-29.fra56.r.cloudfront.net
sso.notretemps.com
16    18.172.112.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-97.fra60.r.cloudfront.net
www.notretemps.com
notretemps.com
3    57.128.80.55 (France)

ASN16276 (OVH OVH SAS, FR)
www.wysistat.com
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
pagead2.googlesyndication.com
2    2600:9000:2761:d000:a:9c85:8d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
t.notretemps.com
1    172.67.159.162 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
3    141.94.155.186 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3241982.ip-141-94-155.eu
events.newsroom.bi
Apex Domain
Subdomains		 Transfer
21 notretemps.com
t.prod1.emailing.notretemps.com
sso.notretemps.com
www.notretemps.com
t.notretemps.com
notretemps.com — Cisco Umbrella Rank: 801033
1 MB
3 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 7097
2 KB
3 wysistat.com
www.wysistat.com — Cisco Umbrella Rank: 100347
6 KB
1 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 9039
46 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
24 B
27 5
Domain Requested by
15 www.notretemps.com www.notretemps.com
3 events.newsroom.bi sdk.mrf.io
3 www.wysistat.com www.notretemps.com
www.wysistat.com
2 t.notretemps.com www.notretemps.com
2 sso.notretemps.com 1 redirects www.notretemps.com
1 sdk.mrf.io www.notretemps.com
1 notretemps.com t.notretemps.com
1 pagead2.googlesyndication.com www.notretemps.com
1 t.prod1.emailing.notretemps.com 1 redirects
27 9

This site contains no links.

Subject Issuer Validity Valid
notretemps.com
Amazon RSA 2048 M03		 2024-01-20 -
2025-02-16		 a year crt.sh
sso.notretemps.com
Amazon RSA 2048 M02		 2024-10-10 -
2025-11-08		 a year crt.sh
www.wysistat.com
Gandi RSA Domain Validation Secure Server CA 3		 2024-05-28 -
2025-06-28		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
t.notretemps.com
Amazon RSA 2048 M02		 2024-07-16 -
2025-08-14		 a year crt.sh
sdk.mrf.io
WE1		 2024-11-18 -
2025-02-16		 3 months crt.sh
ssl03.cert.cl11.k8s.mrf.io
E5		 2024-11-25 -
2025-02-23		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante
Frame ID: 139DA3842CBA78B6604DE02F49AC81D7
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Not Found

Page URL History Show full URLs

  1. https://t.prod1.emailing.notretemps.com/r/?id=hbbf85f58,51eb4c1e,8018d0c7&p1=RswMPw54JxZ4F+g7VxN0NDlRCBrofqT55ugo8p1... HTTP 302
    https://sso.notretemps.com/auth/realms/bayard/autologin/?key=RswMPw54JxZ4F%2Bg7VxN0NDlRCBrofqT55ugo8p1v... HTTP 302
    https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-10316... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->

Page Statistics

27
Requests

100 %
HTTPS

13 %
IPv6

5
Domains

9
Subdomains

7
IPs

3
Countries

1368 kB
Transfer

2826 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.prod1.emailing.notretemps.com/r/?id=hbbf85f58,51eb4c1e,8018d0c7&p1=RswMPw54JxZ4F+g7VxN0NDlRCBrofqT55ugo8p1vS/zhPyE1qT2kvg==&p2=NLNTE_EditoAll_130-2416-241210&p3=Optin_NTEEdito&p4=20241210 HTTP 302
    https://sso.notretemps.com/auth/realms/bayard/autologin/?key=RswMPw54JxZ4F%2Bg7VxN0NDlRCBrofqT55ugo8p1vS%2FzhPyE1qT2kvg%3D%3D&redirect_uri=https%3A%2F%2Fwww.notretemps.com%2Fsante-bien-etre%2Fpsychologie%2Fpasser-d-une-discussion-a-une-conversation-103169%3Futm_medium%253Demail%2526utm_source%253Dnewsletter%2526utm_campaign%253DNLNTE_EditoAll_130-2416-241210%2526utm_content%253DOptin_NTEEdito%2B20241210%2526interest%253Dnte_sante HTTP 302
    https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request passer-d-une-discussion-a-une-conversation-103169
www.notretemps.com/sante-bien-etre/psychologie/
Redirect Chain
  • https://t.prod1.emailing.notretemps.com/r/?id=hbbf85f58,51eb4c1e,8018d0c7&p1=RswMPw54JxZ4F+g7VxN0NDlRCBrofqT55ugo8p1vS/zhPyE1qT2kvg==&p2=NLNTE_EditoAll_130-2416-241210&p3=Optin_NTEEdito&p4=20241210
  • https://sso.notretemps.com/auth/realms/bayard/autologin/?key=RswMPw54JxZ4F%2Bg7VxN0NDlRCBrofqT55ugo8p1vS%2FzhPyE1qT2kvg%3D%3D&redirect_uri=https%3A%2F%2Fwww.notretemps.com%2Fsante-bien-etre%2Fpsych...
  • https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_conte...
7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-97.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
e30cd5136066b730dd636cfae944ee943142178b70692a5fb69f92d674852106

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Tue, 10 Dec 2024 06:34:32 GMT
server
nginx
tdm-reservation
1
via
1.1 1fa5d8f57b04797d33d03ff93cb7543e.cloudfront.net (CloudFront)
x-amz-cf-id
-MF_tTFORDzUC3jmpjA3DqV2DJUBxcDW5U3kk4slxnkjqsmm7GPZUg==
x-amz-cf-pop
FRA60-P8
x-cache
Error from cloudfront

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Connection, Accept, Content-Type, Content-length, Authorization, Origin, X-Api-Key, X-Requested-With, X-Orange-Alias
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, PATCH
access-control-allow-origin
*
access-control-expose-headers
Authorization, X-Total-Count
alt-svc
h3=":443"; ma=86400
content-type
text/html; charset=UTF-8
date
Tue, 10 Dec 2024 06:34:32 GMT
location
https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito 20241210&interest=nte_sante
server
nginx
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-id
abtfP5j5Vx3nVMENQfXrt_yGUbeoYxgVi9BzELGExXnAFxb4nKLdZg==
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
notretemps.css
www.notretemps.com/css/ 		294 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/css/notretemps.css?version=1.2.95
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-97.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
e2b899ee47f8a81d119ec11ef56ced0b0dd22c6e5f8e6ef6a1d214781b76a85f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante

Response headers

cache-control
max-age=31104000, public
content-encoding
gzip
etag
W/"6756f560-497c4"
age
57082
via
1.1 1fa5d8f57b04797d33d03ff93cb7543e.cloudfront.net (CloudFront)
access-control-allow-origin
quiz.notretemps.com
x-cache
Hit from cloudfront
x-amz-cf-id
XBby5Ge-Ssy-OeCCpTT2kO6wGk2-bB7z2bE5eEtTFjsWBoiRtypq2Q==
date
Mon, 09 Dec 2024 14:43:10 GMT
content-type
text/css
last-modified
Mon, 09 Dec 2024 13:49:20 GMT
server
nginx
x-amz-cf-pop
FRA60-P8
app.js
www.notretemps.com/js/ 		267 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/js/app.js?version=1.2.95
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-97.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
fb8939d0e39bc87fb4129e3a7b7134f6d955bd0b5c1e7e555e33f98676ed4dd0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante

Response headers

cache-control
max-age=31104000, public
content-encoding
gzip
etag
W/"6756f591-42d57"
age
57082
via
1.1 1fa5d8f57b04797d33d03ff93cb7543e.cloudfront.net (CloudFront)
access-control-allow-origin
quiz.notretemps.com
x-cache
Hit from cloudfront
x-amz-cf-id
IAxEDeLCQ0e97xz3qZJpNyXt9kgL7PGy9Hrpud9K_GNNvCwhl96vcA==
date
Mon, 09 Dec 2024 14:43:10 GMT
content-type
application/javascript
last-modified
Mon, 09 Dec 2024 13:50:09 GMT
server
nginx
x-amz-cf-pop
FRA60-P8
keycloak.min.js
sso.notretemps.com/auth/js/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sso.notretemps.com/auth/js/keycloak.min.js
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-29.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
e8da39a835718cf509623f39398d0c9e18f049898c4af01615bac1d1385a0a3a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/

Response headers

access-control-expose-headers
Authorization, X-Total-Count
content-encoding
gzip
etag
W/"61fadcfa-82cc"
age
17980
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
pTHiHQQI3OkrnNtcdbfIaXAwJS7AjNCY_XI9l_NVXsAgMsd7tvIHfw==
date
Tue, 10 Dec 2024 01:34:52 GMT
content-type
application/javascript
last-modified
Wed, 02 Feb 2022 19:35:22 GMT
access-control-allow-headers
Connection, Accept, Content-Type, Content-length, Authorization, Origin, X-Api-Key, X-Requested-With, X-Orange-Alias
access-control-allow-credentials
true
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-C1
server
nginx
inter-regular.woff2
www.notretemps.com/fonts/inter/ 		97 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/fonts/inter/inter-regular.woff2
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-97.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
d159867237e01505e63cbf54cd877e25badb9c4c3cc1039d3a2d3ed2c0447085

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.notretemps.com
Referer
https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante

Response headers

cache-control
max-age=31104000, public
etag
"66fd0c06-185e0"
age
5952228
via
1.1 1fa5d8f57b04797d33d03ff93cb7543e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
quiz.notretemps.com
x-cache
Hit from cloudfront
content-length
99808
x-amz-cf-id
uup_L-gjmPa9JJZE_GZMtYaJ7hoaPd3pExYm2u9QnENkbeMFIFY3Uw==
date
Wed, 02 Oct 2024 09:10:44 GMT
content-type
application/font-woff2
last-modified
Wed, 02 Oct 2024 09:01:58 GMT
server
nginx
x-amz-cf-pop
FRA60-P8
inter-light.woff2
www.notretemps.com/fonts/inter/ 		104 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/fonts/inter/inter-light.woff2
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-97.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
bb4a3ec3b72168ab3203030861c0ca924177945d396a2a3f85db50fa14c698ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.notretemps.com
Referer
https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante

Response headers

cache-control
max-age=31104000, public
etag
"672b671e-19fc8"
age
2875803
via
1.1 1fa5d8f57b04797d33d03ff93cb7543e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
quiz.notretemps.com
x-cache
Hit from cloudfront
content-length
106440
x-amz-cf-id
8rtOUuZdb9bwaEDMkqEzSiQftn6Y7XELNaEfvRVJVj9VaEQSoO0hdA==
date
Wed, 06 Nov 2024 23:44:29 GMT
content-type
application/font-woff2
last-modified
Wed, 06 Nov 2024 12:54:54 GMT
server
nginx
x-amz-cf-pop
FRA60-P8
inter-medium.woff2
www.notretemps.com/fonts/inter/ 		105 KB
106 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/fonts/inter/inter-medium.woff2
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-97.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
76f810d32d84c2aaf2d777d0950764a4976bddaa22ba81c2de26c171767c9c54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.notretemps.com
Referer
https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante

Response headers

cache-control
max-age=31104000, public
etag
"66fd0c06-1a528"
age
5952228
via
1.1 1fa5d8f57b04797d33d03ff93cb7543e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
quiz.notretemps.com
x-cache
Hit from cloudfront
content-length
107816
x-amz-cf-id
1zGj-PwGiaDPFaZbKEf92t6vPsoa9JIUad9k9_BeaseguE83ZjVYtQ==
date
Wed, 02 Oct 2024 09:10:44 GMT
content-type
application/font-woff2
last-modified
Wed, 02 Oct 2024 09:01:58 GMT
server
nginx
x-amz-cf-pop
FRA60-P8
inter-semibold.woff2
www.notretemps.com/fonts/inter/ 		106 KB
106 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/fonts/inter/inter-semibold.woff2
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-97.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
4f6466a8bd04bc37861af1d2630cb2c3f3a55b63f86611a9d9ddbc7348be1f1c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.notretemps.com
Referer
https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante

Response headers

cache-control
max-age=31104000, public
etag
"672b671e-1a724"
age
2875803
via
1.1 1fa5d8f57b04797d33d03ff93cb7543e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
quiz.notretemps.com
x-cache
Hit from cloudfront
content-length
108324
x-amz-cf-id
3oXLhqbwWnti3vptEy_Ben4O61vBdfhssF59j9Xc5_YOWjONQvJ6hg==
date
Wed, 06 Nov 2024 23:44:29 GMT
content-type
application/font-woff2
last-modified
Wed, 06 Nov 2024 12:54:54 GMT
server
nginx
x-amz-cf-pop
FRA60-P8
inter-bold.woff2
www.notretemps.com/fonts/inter/ 		106 KB
107 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/fonts/inter/inter-bold.woff2
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-97.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
b275913f02873d0cd13872bab81abb5585a6efd1f24103ad32b3cd39e2039678

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.notretemps.com
Referer
https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante

Response headers

cache-control
max-age=31104000, public
etag
"672b671e-1a824"
age
2875803
via
1.1 1fa5d8f57b04797d33d03ff93cb7543e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
quiz.notretemps.com
x-cache
Hit from cloudfront
content-length
108580
x-amz-cf-id
KOf6kbTB0d2dlquJOBeqqv3RBl5bIT1C9GnMdJ41_mvcAHxxmpb9Tw==
date
Wed, 06 Nov 2024 23:44:29 GMT
content-type
application/font-woff2
last-modified
Wed, 06 Nov 2024 12:54:54 GMT
server
nginx
x-amz-cf-pop
FRA60-P8
inter-extrabold.woff2
www.notretemps.com/fonts/inter/ 		106 KB
106 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/fonts/inter/inter-extrabold.woff2
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-97.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
7d58acd43d195a78a4667e3c472660c87b7891722d15f92ef09aea3eed4d656b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.notretemps.com
Referer
https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante

Response headers

cache-control
max-age=31104000, public
etag
"66fd0c06-1a770"
age
5952228
via
1.1 1fa5d8f57b04797d33d03ff93cb7543e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
quiz.notretemps.com
x-cache
Hit from cloudfront
content-length
108400
x-amz-cf-id
cSbp9fx9JneccqUqnmd_fN3tFo1oWrJA4TqOcS-j5xlk_TenCbxJ5g==
date
Wed, 02 Oct 2024 09:10:44 GMT
content-type
application/font-woff2
last-modified
Wed, 02 Oct 2024 09:01:58 GMT
server
nginx
x-amz-cf-pop
FRA60-P8
inter-black.woff2
www.notretemps.com/fonts/inter/ 		102 KB
103 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/fonts/inter/inter-black.woff2
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-97.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
9505c350689a90d161ed038f5ba854de008e0014381cf9a5c875006bfb932c12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.notretemps.com
Referer
https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante

Response headers

cache-control
max-age=31104000, public
etag
"672b671e-198cc"
age
2875803
via
1.1 1fa5d8f57b04797d33d03ff93cb7543e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
quiz.notretemps.com
x-cache
Hit from cloudfront
content-length
104652
x-amz-cf-id
yOij9VMCPD5WeWreogthKOleOfD92bqGgvkiXsoG7OhSHvPb5rCqNg==
date
Wed, 06 Nov 2024 23:44:29 GMT
content-type
application/font-woff2
last-modified
Wed, 06 Nov 2024 12:54:54 GMT
server
nginx
x-amz-cf-pop
FRA60-P8
ads.js
www.notretemps.com/js/ 		239 B
580 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/js/ads.js?version=1.2.95
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-97.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
ceb7ba778ddd9852be3ad105c24f30ab2553266a1b78ad8733d76a53c19619bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante

Response headers

cache-control
max-age=31104000, public
content-encoding
gzip
etag
W/"6756f560-ef"
age
57082
via
1.1 1fa5d8f57b04797d33d03ff93cb7543e.cloudfront.net (CloudFront)
access-control-allow-origin
quiz.notretemps.com
x-cache
Hit from cloudfront
x-amz-cf-id
q-JiPO9zAm26oJdJaS8qOGKikcY_vT4DVs2e1KGE_xaiMy1_4AhAmw==
date
Mon, 09 Dec 2024 14:43:10 GMT
content-type
application/javascript
last-modified
Mon, 09 Dec 2024 13:49:20 GMT
server
nginx
x-amz-cf-pop
FRA60-P8
ws.jsa
www.wysistat.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wysistat.com/ws.jsa
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
57.128.80.55 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software
Apache/2.4.55 (Ubuntu) /
Resource Hash
d2567969574cfef6e14b1d8cd7cd09e9bbd18189d24e7a7ccc8892bdb79ff699

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/

Response headers

ETag
"b89-60f4a9475ab40"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2953
Keep-Alive
timeout=5, max=100
Date
Tue, 10 Dec 2024 06:34:32 GMT
Last-Modified
Fri, 19 Jan 2024 11:14:13 GMT
Server
Apache/2.4.55 (Ubuntu)
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/js/ads.js?version=1.2.95
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/

Response headers

content-encoding
br
etag
13956334829419947867
x-content-type-options
nosniff
expires
Tue, 10 Dec 2024 06:34:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 10 Dec 2024 06:34:32 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53981
x-xss-protection
0
server
cafe
gtm.js
t.notretemps.com/ 		375 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.notretemps.com/gtm.js?id=GTM-KP37JNG
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:d000:a:9c85:8d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
15318e515291c926311e938ce422038e8bf1af981bb71c825c45764f84a7909f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/

Response headers

cache-control
private, max-age=900
content-encoding
gzip
via
1.1 58e9d1f8f21a3575fa58a14f7f39c636.cloudfront.net (CloudFront)
expires
Tue, 10 Dec 2024 06:48:48 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
UYL6szTwJWGtTZ7iYTrsFZAUhACX7lK4HoCPWW-xn-oX5zzBLRpUTQ==
date
Tue, 10 Dec 2024 06:34:32 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Dec 2024 06:00:00 GMT
server
nginx
x-amz-cf-pop
FRA60-P8
vary
accept-encoding
gtm.js
t.notretemps.com/ 		423 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.notretemps.com/gtm.js?id=GTM-PQ9M68D
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:d000:a:9c85:8d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4a6c8056521afe3f74b620f9ca7c4589ab04933f1368ef9f4134d058ce21209d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/

Response headers

cache-control
private, max-age=900
content-encoding
gzip
via
1.1 58e9d1f8f21a3575fa58a14f7f39c636.cloudfront.net (CloudFront)
expires
Tue, 10 Dec 2024 06:49:23 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
HIEjOQ4smyhw_aHvjfnvpT-A3l4kwlpoBiXkwGLEjd4GZTZgq7SFXw==
date
Tue, 10 Dec 2024 06:34:32 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Dec 2024 06:00:00 GMT
server
nginx
x-amz-cf-pop
FRA60-P8
vary
accept-encoding
logo.svg
www.notretemps.com/images/notretemps/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.notretemps.com/images/notretemps/logo.svg
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-97.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
6f8dbb1f90143a56d5180680e0be1be01a66da2be11bdb9e6133d09fba58e615

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante

Response headers

cache-control
max-age=31104000, public
content-encoding
gzip
etag
W/"672b671e-a0b"
age
2897980
via
1.1 1fa5d8f57b04797d33d03ff93cb7543e.cloudfront.net (CloudFront)
access-control-allow-origin
quiz.notretemps.com
x-cache
Hit from cloudfront
x-amz-cf-id
hli7u-BO448K2Yq7L2V2qz3r8kqSW5IfH5LCvigDv6N78dPJmLqUFg==
date
Wed, 06 Nov 2024 17:34:52 GMT
content-type
image/svg+xml
last-modified
Wed, 06 Nov 2024 12:54:54 GMT
server
nginx
x-amz-cf-pop
FRA60-P8
error.jpg
www.notretemps.com/images/notretemps/ 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.notretemps.com/images/notretemps/error.jpg
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-97.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
bad4ac8ffa619d587e89b833baca95d30843a5f44205e8953f3e8d1e86be1752

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante

Response headers

cache-control
max-age=31104000, public
etag
"66fd0c06-1b225"
age
5952175
via
1.1 1fa5d8f57b04797d33d03ff93cb7543e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
quiz.notretemps.com
x-cache
Hit from cloudfront
content-length
111141
x-amz-cf-id
YjCmyoNDzMVlQ8uSGlYH5XqInG8y5YOaMOxdSNNQurcd_mKYJO1pDg==
date
Wed, 02 Oct 2024 09:11:37 GMT
content-type
image/jpeg
last-modified
Wed, 02 Oct 2024 09:01:58 GMT
server
nginx
x-amz-cf-pop
FRA60-P8
statistique.js
www.wysistat.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wysistat.com/statistique.js
Requested by
Host: www.wysistat.com
URL: https://www.wysistat.com/ws.jsa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
57.128.80.55 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software
Apache/2.4.55 (Ubuntu) /
Resource Hash
2328c29c1c100a298d8cdae2c9aa4e8b0ecd7d867f178d55abe8311fe0ef8024

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/

Response headers

Cache-Control
public, max-age=129600, must-revalidate
Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
2505
Keep-Alive
timeout=5, max=99
Date
Tue, 10 Dec 2024 06:34:32 GMT
Last-Modified
Fri, 03 Mar 2023 13:24:11 GMT
Vary
Accept-Encoding
Server
Apache/2.4.55 (Ubuntu)
Content-Type
application/x-javascript; charset=ISO8859-15
compteur.php
www.wysistat.com/images/notretemps/ 		43 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wysistat.com/images/notretemps/compteur.php?nom=notretemps&tps=3234&ecran=1600x1200&origine=&origine_force=&frame=0&ParaWysistat=0&CompteurExtranet=0&consent=0&event=&SubAccount=&ParaPage=0&ParaProfiling=0&ParaCompte=0&ParaRoi=0&ojd_version=2&cookie=1&deja_cookie=0&id=0.2212756611811697_1733812472792&id_int=0.2212756611811697_1733812472792&compteur_mois=1&compteur_jour=1&deja_id=0&vu_diff_jour=0&vu_time_prec=1733812472&page_js=https%3A//www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DNLNTE_EditoAll_130-2416-241210%26utm_content%3DOptin_NTEEdito%252020241210%26interest%3Dnte_sante
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
57.128.80.55 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software
Apache/2.4.55 (Ubuntu) /
Resource Hash
872ffa9dc91dfe681b9be82cbb41cbcdc0985e77ab27e1583e38d84e1543cb74

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/

Response headers

Transfer-Encoding
chunked
Keep-Alive
timeout=5, max=98
Date
Tue, 10 Dec 2024 06:34:32 GMT
Content-Type
image/gif
Server
Apache/2.4.55 (Ubuntu)
Connection
Keep-Alive
js
notretemps.com/metrics/gtag/ 		407 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notretemps.com/metrics/gtag/js?id=G-59S2NR2W4V&l=dataLayer&cx=c&gtm=45Fe4c90v831928622za204&sign=a70149cbe896b783c525e304d25700827348335ef983e0301ca90e6fd63857ce_20241210
Requested by
Host: t.notretemps.com
URL: https://t.notretemps.com/gtm.js?id=GTM-PQ9M68D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-97.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
35b0902bf4ce5916f2e86475e2585460d67dca086472cfcd38c888d21bedf088

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/

Response headers

cache-control
private, max-age=900
content-encoding
gzip
via
1.1 1fa5d8f57b04797d33d03ff93cb7543e.cloudfront.net (CloudFront)
expires
Tue, 10 Dec 2024 06:49:23 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
n_xZFXhX9e-yWdoWUk1DOHgW_Pgm73gFxQN3xGxcKCryWPP7XgDkxw==
date
Tue, 10 Dec 2024 06:34:33 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
nginx
x-amz-cf-pop
FRA60-P8
marfeel-sdk.js
sdk.mrf.io/statics/ 		170 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=3303
Requested by
Host: www.notretemps.com
URL: https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dbd1ffd31f5a0cf04619b29db7da4155753bc7719fcec05f7ac0e08d422115a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.notretemps.com
Referer
https://www.notretemps.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
197
x-response-time
109ms
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 10 Dec 2024 06:34:33 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 10 Dec 2024 06:31:16 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=1800
x-envoy-upstream-service-time
121
cf-ray
8efb35b4a8aa365b-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
47138
server
cloudflare
ingest.php
events.newsroom.bi/ 		165 B
909 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=3303
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
141.94.155.186 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3241982.ip-141-94-155.eu
Software
istio-envoy /
Resource Hash
459ad44dd647d3544551e4ab7848cbfdd29799adac87a8a7e9767acb66e8fa79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.notretemps.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
content-encoding
gzip
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.notretemps.com
content-length
120
date
Tue, 10 Dec 2024 06:34:33 GMT
content-type
application/json
server
istio-envoy
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
favicon.ico
www.notretemps.com/ 		1 KB
911 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-97.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
12bbf6e3407e1e20b895a13cfadafe19692948d7c7393bd15397d9c019a7160e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante

Response headers

content-encoding
gzip
age
768209
x-content-type-options
nosniff
expires
Tue, 31 Dec 2024 09:11:04 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
ucdGuBaIhX7Ke1JF7Xh3kBfG3coOkU7xCb2p0TxgkVQ41X-b8ip4Ww==
date
Sun, 01 Dec 2024 09:11:04 GMT
content-type
image/vnd.microsoft.icon
last-modified
Sun, 01 Dec 2024 09:11:04 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
must-revalidate, public, s-maxage=2592000
x-backend
notretempsc203.cs.bayard.local
via
1.1 1fa5d8f57b04797d33d03ff93cb7543e.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P8
server
nginx
favicon-32x32.png
www.notretemps.com/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.notretemps.com/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-97.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
13317fb2c79c947092a795a3efdcb5fc6991c513838a28044a59e273e5fe0ca6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante

Response headers

age
768209
x-content-type-options
nosniff
expires
Tue, 31 Dec 2024 09:11:04 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
sEm1H_isPrgJBNkAwuAdmTOrwSc8-t9zjE5AU_hXKBSaXJ8hgHFDog==
date
Sun, 01 Dec 2024 09:11:04 GMT
content-type
image/png
last-modified
Sun, 01 Dec 2024 09:11:04 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
must-revalidate, public, s-maxage=2592000
x-backend
notretempsc201.cs.bayard.local
via
1.1 1fa5d8f57b04797d33d03ff93cb7543e.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P8
server
nginx
rfv.php
events.newsroom.bi/data/ 		27 B
473 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/data/rfv.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=3303
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
141.94.155.186 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3241982.ip-141-94-155.eu
Software
istio-envoy /
Resource Hash
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.notretemps.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
content-encoding
gzip
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.notretemps.com
content-length
42
date
Tue, 10 Dec 2024 06:34:33 GMT
content-type
application/json
server
istio-envoy
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
ingest.php
events.newsroom.bi/ 		2 B
782 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=3303
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
141.94.155.186 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3241982.ip-141-94-155.eu
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.notretemps.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.notretemps.com
content-length
2
date
Tue, 10 Dec 2024 06:34:33 GMT
content-type
application/json
server
istio-envoy
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wsq object| dataLayer function| trim function| _wysistat function| _setNom function| _setFrame function| _setParaWysistat function| _setCompteurExtranet function| _setParaPage function| _setPage function| _setParaRoi function| _setParaProfiling function| _setParaCompte function| _setConsentCookie function| _setEvent function| _setSubAccount function| _reset function| _wstopn function| _setAccount function| _setTag function| _setID object| wsq object| wst string| v string| wscli number| wscook string| wsecr function| stat function| wysistat function| ws_getScreenSize function| ws_retVide function| ws_writeCook function| ws_readCook function| ws_majCook function| ws_isCookAccept function| storageAvailable function| ws_encode function| ws_getConsent number| valeur number| wysi object| google_tag_manager object| google_tag_data number| bayard_first_visit_ga string| pageType function| e function| t object| marfeel object| webpackChunk_marfeel_marfeel_sdk object| tp object| __mrfCompass object| googletag function| onYouTubeIframeAPIReady object| gaGlobal

20 Cookies

Domain/Path Name / Value
sso.notretemps.com/auth/realms/bayard/ Name: KEYCLOAK_IDENTITY
Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIyZDUxMWMxMy00ODVmLTRjNzAtOGMxMy02YTJhYjRmMmM1YzgifQ.eyJleHAiOjE3NjgzNzI0NzIsImlhdCI6MTczMzgxMjQ3MiwianRpIjoiZTgxNDE4MDEtYTUwOC00YzEyLWE4OTUtYjI1YTA1OTkzZGM3IiwiaXNzIjoiaHR0cHM6Ly9zc28ubm90cmV0ZW1wcy5jb20vYXV0aC9yZWFsbXMvYmF5YXJkIiwic3ViIjoiNDJlZjRhNzAtODJhMC00MzgxLWE5YTYtNmVhYzQxMzdiYjEyIiwidHlwIjoiU2VyaWFsaXplZC1JRCIsInNlc3Npb25fc3RhdGUiOiI1NzA0OWM5Mi05NTBjLTQyNTMtYjI4Zi04OWQ1MWVjMGJhMmYiLCJzaWQiOiI1NzA0OWM5Mi05NTBjLTQyNTMtYjI4Zi04OWQ1MWVjMGJhMmYiLCJzdGF0ZV9jaGVja2VyIjoiS3BPblFPSjloRHdBeWZKdzNaWHZudmpHTENYMkhQNnFMUG4wM200clhUTSJ9.G6S9jW8AYfhHnNr51caZrCzLPnxxADgM9SAFG2ztF8I
sso.notretemps.com/auth/realms/bayard/ Name: KEYCLOAK_IDENTITY_LEGACY
Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIyZDUxMWMxMy00ODVmLTRjNzAtOGMxMy02YTJhYjRmMmM1YzgifQ.eyJleHAiOjE3NjgzNzI0NzIsImlhdCI6MTczMzgxMjQ3MiwianRpIjoiZTgxNDE4MDEtYTUwOC00YzEyLWE4OTUtYjI1YTA1OTkzZGM3IiwiaXNzIjoiaHR0cHM6Ly9zc28ubm90cmV0ZW1wcy5jb20vYXV0aC9yZWFsbXMvYmF5YXJkIiwic3ViIjoiNDJlZjRhNzAtODJhMC00MzgxLWE5YTYtNmVhYzQxMzdiYjEyIiwidHlwIjoiU2VyaWFsaXplZC1JRCIsInNlc3Npb25fc3RhdGUiOiI1NzA0OWM5Mi05NTBjLTQyNTMtYjI4Zi04OWQ1MWVjMGJhMmYiLCJzaWQiOiI1NzA0OWM5Mi05NTBjLTQyNTMtYjI4Zi04OWQ1MWVjMGJhMmYiLCJzdGF0ZV9jaGVja2VyIjoiS3BPblFPSjloRHdBeWZKdzNaWHZudmpHTENYMkhQNnFMUG4wM200clhUTSJ9.G6S9jW8AYfhHnNr51caZrCzLPnxxADgM9SAFG2ztF8I
sso.notretemps.com/auth/realms/bayard/ Name: KEYCLOAK_SESSION
Value: bayard%2F42ef4a70-82a0-4381-a9a6-6eac4137bb12%2F57049c92-950c-4253-b28f-89d51ec0ba2f
sso.notretemps.com/auth/realms/bayard/ Name: KEYCLOAK_SESSION_LEGACY
Value: bayard%2F42ef4a70-82a0-4381-a9a6-6eac4137bb12%2F57049c92-950c-4253-b28f-89d51ec0ba2f
.notretemps.com/ Name: AMCV_551310525D816F350A495C48%40AdobeOrg
Value: MCMID%7C90786938988254986233169403839715475455
.notretemps.com/ Name: nlid
Value: bbf85f58|51eb4c1e
.notretemps.com/ Name: nllastdelid
Value: 51eb4c1e
sso.notretemps.com/ Name: AWSALB
Value: G6JNEZjXMIVyabRMswdtHV3eDZJ5jvjn%2F4bE4uZE%2FTMVHTXOo25GoiR6P4SmcNGcaeCrV%2BySLJmomVdYg9w%2FQv8ompuBBpyDO0OzYjXf8yK0YpE1e622GY0avMeL
sso.notretemps.com/ Name: AWSALBCORS
Value: G6JNEZjXMIVyabRMswdtHV3eDZJ5jvjn%2F4bE4uZE%2FTMVHTXOo25GoiR6P4SmcNGcaeCrV%2BySLJmomVdYg9w%2FQv8ompuBBpyDO0OzYjXf8yK0YpE1e622GY0avMeL
www.notretemps.com/ Name: Wysistat
Value: 0.2212756611811697_1733812472792%C3%AF%C2%BF%C5%931%C3%AF%C2%BF%C5%931733812472792%C3%AF%C2%BF%C5%931%C3%AF%C2%BF%C5%931733812472%C3%AF%C2%BF%C5%930.2212756611811697_1733812472792%C3%AF%C2%BF%C5%931767940472792
.notretemps.com/ Name: __utmzz
Value: utmcsr=newsletter|utmcmd=email|utmccn=NLNTE_EditoAll_130-2416-241210|utmcct=Optin_NTEEdito%2020241210
.notretemps.com/ Name: __utmzzses
Value: 1
.notretemps.com/ Name: __utmzzfirst
Value: utmcsr=newsletter|utmcmd=email|utmccn=NLNTE_EditoAll_130-2416-241210|utmcct=Optin_NTEEdito%2020241210
.notretemps.com/ Name: ___nrbic
Value: %7B%22isNewUser%22%3Atrue%2C%22previousVisit%22%3A1733812473%2C%22currentVisitStarted%22%3A1733812473%2C%22sessionId%22%3A%22d5399538-1f73-44ae-94ac-69a3ccd840b9%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169%3Futm_medium%3Demail%26utm_source%3Dnewsletter%26utm_campaign%3DNLNTE_EditoAll_130-2416-241210%26utm_content%3DOptin_NTEEdito%252020241210%26interest%3Dnte_sante%22%2C%22referrer%22%3A%22%22%2C%22lpti%22%3Anull%7D
.notretemps.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1733812473%2C%22userId%22%3A%22b693f328-c81e-41c1-b796-86c03222f48a%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1733812473%2C%22timesVisited%22%3A1%7D
.notretemps.com/ Name: compass_uid
Value: b693f328-c81e-41c1-b796-86c03222f48a
events.newsroom.bi/ Name: 3303_u
Value: b693f328-c81e-41c1-b796-86c03222f48a
events.newsroom.bi/ Name: 3303_s
Value: d5399538-1f73-44ae-94ac-69a3ccd840b9
events.newsroom.bi/ Name: 3303_lv
Value: null
events.newsroom.bi/ Name: 3303_ut
Value: 0

3 Console Messages

Source Level URL
Text
network error URL: https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante
Message:
Failed to load resource: the server responded with a status of 410 ()
javascript warning URL: https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante
Message:
The resource https://sso.notretemps.com/auth/js/keycloak.min.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.notretemps.com/sante-bien-etre/psychologie/passer-d-une-discussion-a-une-conversation-103169?utm_medium=email&utm_source=newsletter&utm_campaign=NLNTE_EditoAll_130-2416-241210&utm_content=Optin_NTEEdito%2020241210&interest=nte_sante
Message:
The resource https://www.notretemps.com/js/app.js?version=1.2.95 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

events.newsroom.bi
notretemps.com
pagead2.googlesyndication.com
sdk.mrf.io
sso.notretemps.com
t.notretemps.com
t.prod1.emailing.notretemps.com
www.notretemps.com
www.wysistat.com
141.94.155.186
142.250.185.98
172.67.159.162
18.172.112.97
2600:9000:2761:d000:a:9c85:8d80:93a1
52.208.20.191
57.128.80.55
65.9.66.29
12bbf6e3407e1e20b895a13cfadafe19692948d7c7393bd15397d9c019a7160e
13317fb2c79c947092a795a3efdcb5fc6991c513838a28044a59e273e5fe0ca6
15318e515291c926311e938ce422038e8bf1af981bb71c825c45764f84a7909f
2328c29c1c100a298d8cdae2c9aa4e8b0ecd7d867f178d55abe8311fe0ef8024
2dbd1ffd31f5a0cf04619b29db7da4155753bc7719fcec05f7ac0e08d422115a
35b0902bf4ce5916f2e86475e2585460d67dca086472cfcd38c888d21bedf088
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
459ad44dd647d3544551e4ab7848cbfdd29799adac87a8a7e9767acb66e8fa79
4a6c8056521afe3f74b620f9ca7c4589ab04933f1368ef9f4134d058ce21209d
4f6466a8bd04bc37861af1d2630cb2c3f3a55b63f86611a9d9ddbc7348be1f1c
6f8dbb1f90143a56d5180680e0be1be01a66da2be11bdb9e6133d09fba58e615
76f810d32d84c2aaf2d777d0950764a4976bddaa22ba81c2de26c171767c9c54
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7d58acd43d195a78a4667e3c472660c87b7891722d15f92ef09aea3eed4d656b
872ffa9dc91dfe681b9be82cbb41cbcdc0985e77ab27e1583e38d84e1543cb74
9505c350689a90d161ed038f5ba854de008e0014381cf9a5c875006bfb932c12
b275913f02873d0cd13872bab81abb5585a6efd1f24103ad32b3cd39e2039678
bad4ac8ffa619d587e89b833baca95d30843a5f44205e8953f3e8d1e86be1752
bb4a3ec3b72168ab3203030861c0ca924177945d396a2a3f85db50fa14c698ff
ceb7ba778ddd9852be3ad105c24f30ab2553266a1b78ad8733d76a53c19619bd
d159867237e01505e63cbf54cd877e25badb9c4c3cc1039d3a2d3ed2c0447085
d2567969574cfef6e14b1d8cd7cd09e9bbd18189d24e7a7ccc8892bdb79ff699
e2b899ee47f8a81d119ec11ef56ced0b0dd22c6e5f8e6ef6a1d214781b76a85f
e30cd5136066b730dd636cfae944ee943142178b70692a5fb69f92d674852106
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8da39a835718cf509623f39398d0c9e18f049898c4af01615bac1d1385a0a3a
fb8939d0e39bc87fb4129e3a7b7134f6d955bd0b5c1e7e555e33f98676ed4dd0