Submitted URL: https://t.prod1.emailing.notrefamille.com/r/?id=h46658d53,5cd66765,7ff1c4f6
Effective URL: https://sso.notretemps.com/auth/realms/bayard/protocol/openid-connect/auth?client_id=notretemps.com&redirect_uri=https%3A%2...
Submission: On July 12 via api from BE — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 17 HTTP transactions. The main IP is 18.66.122.20, located in United States and belongs to AMAZON-02, US. The main domain is sso.notretemps.com.
TLS certificate: Issued by Amazon on January 10th 2022. Valid for: a year.
This is the only time sso.notretemps.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
6 | notretemps.com | sso.notretemps.com; www.notretemps.com (Cisco Umbrella Rank: 356563) | 52 KB
5 | privacy-center.org | sdk.privacy-center.org (Cisco Umbrella Rank: 6374); api.privacy-center.org (Cisco Umbrella Rank: 9632) | 148 KB
3 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 89) | 233 KB
1 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 120) | 548 B
1 | google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 2733) | 348 B
1 | bayard.io | static.bayard.io (Cisco Umbrella Rank: 737447) | 465 B
1 | notrefamille.com | t.prod1.emailing.notrefamille.com | 658 B
Total: 17 requests, 7 apex domains

Requests | Domain | Requested by
5 | sso.notretemps.com | sso.notretemps.com
3 | sdk.privacy-center.org | sso.notretemps.com; sdk.privacy-center.org
3 | www.googletagmanager.com | sso.notretemps.com; www.googletagmanager.com
2 | api.privacy-center.org | sdk.privacy-center.org
1 | www.notretemps.com |
1 | pagead2.googlesyndication.com | www.googletagmanager.com
1 | region1.google-analytics.com | www.googletagmanager.com
1 | static.bayard.io | www.googletagmanager.com
1 | t.prod1.emailing.notrefamille.com | 1 redirects
Total: 17 requests, 9 subdomains

This site contains links to these domains.

Domain
www.notretemps.com
Subject | Issuer | Validity | Valid
sso.notretemps.com | Amazon | 2022-01-10 - 2023-02-07 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
*.privacy-center.org | Amazon | 2022-04-09 - 2023-05-08 | a year
static.bayard.io | Amazon | 2021-11-16 - 2022-12-14 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
api.privacy-center.org | Amazon | 2022-06-29 - 2023-07-27 | a year
notretemps.com | Amazon | 2022-03-21 - 2023-04-19 | a year

This page contains 1 frames:

Primary Page: https://sso.notretemps.com/auth/realms/bayard/protocol/openid-connect/auth?client_id=notretemps.com&redirect_uri=https%3A%2F%2Fwww.notretemps.com%2Floginsucess%3Fga_cid%3D440064211.1584035596%26ga_time%3D1591692301&state=04e0f279-2549-4de9-ae32-282a776d0489&response_mode=fragment&response_type=code&scope=openid&nonce=2d141d9a-1929-476c-807c-507d2d4762ef
Frame ID: CB6AFC1698975AD1FA04CC6DBF901AFD
Requests: 16 HTTP requests in this frame

Page Title

Se connecter à bayard

Page URL History

  1. https://t.prod1.emailing.notrefamille.com/r/?id=h46658d53,5cd66765,7ff1c4f6 HTTP 302
    https://sso.notretemps.com/auth/realms/bayard/protocol/openid-connect/auth?client_id=notretemps.com&red... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • sdk\.privacy-center\.org/.*/loader\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 56 %
Domains: 7
Subdomains: 9
IPs: 8
Countries: 3
Transfer: 434 kB
Size: 1628 kB
Cookies: 13

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.prod1.emailing.notrefamille.com/r/?id=h46658d53,5cd66765,7ff1c4f6 HTTP 302
    https://sso.notretemps.com/auth/realms/bayard/protocol/openid-connect/auth?client_id=notretemps.com&redirect_uri=https%3A%2F%2Fwww.notretemps.com%2Floginsucess%3Fga_cid%3D440064211.1584035596%26ga_time%3D1591692301&state=04e0f279-2549-4de9-ae32-282a776d0489&response_mode=fragment&response_type=code&scope=openid&nonce=2d141d9a-1929-476c-807c-507d2d4762ef Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request auth
sso.notretemps.com/auth/realms/bayard/protocol/openid-connect/
Redirect Chain
  • https://t.prod1.emailing.notrefamille.com/r/?id=h46658d53,5cd66765,7ff1c4f6
  • https://sso.notretemps.com/auth/realms/bayard/protocol/openid-connect/auth?client_id=notretemps.com&redirect_uri=https%3A%2F%2Fwww.notretemps.com%2Floginsucess%3Fga_cid%3D440064211.1584035596%26ga_...
5 KB
4 KB
Document
General
Full URL
https://sso.notretemps.com/auth/realms/bayard/protocol/openid-connect/auth?client_id=notretemps.com&redirect_uri=https%3A%2F%2Fwww.notretemps.com%2Floginsucess%3Fga_cid%3D440064211.1584035596%26ga_time%3D1591692301&state=04e0f279-2549-4de9-ae32-282a776d0489&response_mode=fragment&response_type=code&scope=openid&nonce=2d141d9a-1929-476c-807c-507d2d4762ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-20.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
f54a0b359851b28f358150178bd1651603f64b5c9c54f376dc5e96b41f9f4e95
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, must-revalidate, max-age=0
content-encoding
gzip
content-language
fr
content-security-policy
frame-src 'self'; frame-ancestors 'self'; object-src 'none';
content-type
text/html;charset=utf-8
date
Tue, 12 Jul 2022 08:24:48 GMT
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-amz-cf-id
89I47FpBufC5YNnZ_VQ6nfvALAj4CiEsPlhns2g1JOLj2nnymH2_Ow==
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
none
x-xss-protection
1; mode=block

Redirect headers

content-length
17
content-type
text/plain; charset=utf-8
date
Tue, 12 Jul 2022 08:24:47 GMT
location
https://sso.notretemps.com/auth/realms/bayard/protocol/openid-connect/auth?client_id=notretemps.com&redirect_uri=https%3A%2F%2Fwww.notretemps.com%2Floginsucess%3Fga_cid%3D440064211.1584035596%26ga_time%3D1591692301&state=04e0f279-2549-4de9-ae32-282a776d0489&response_mode=fragment&response_type=code&scope=openid&nonce=2d141d9a-1929-476c-807c-507d2d4762ef
p3p
CP="CAO DSP COR CURa DEVa TAIa OUR BUS IND UNI COM NAV"
server
Apache
x-robots-tag
noindex
account.css
sso.notretemps.com/auth/resources/isspx/login/notretemps.com/css/
161 KB
34 KB
Stylesheet
General
Full URL
https://sso.notretemps.com/auth/resources/isspx/login/notretemps.com/css/account.css
Requested by
Host: sso.notretemps.com
URL: https://sso.notretemps.com/auth/realms/bayard/protocol/openid-connect/auth?client_id=notretemps.com&redirect_uri=https%3A%2F%2Fwww.notretemps.com%2Floginsucess%3Fga_cid%3D440064211.1584035596%26ga_time%3D1591692301&state=04e0f279-2549-4de9-ae32-282a776d0489&response_mode=fragment&response_type=code&scope=openid&nonce=2d141d9a-1929-476c-807c-507d2d4762ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-20.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
80c8c73ec33302dc63d278d3e65946004f0f210e2cb07a737944a6026b5c9b4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 08:24:48 GMT
content-encoding
gzip
referrer-policy
no-referrer
server
nginx
x-amz-cf-pop
FRA60-P2
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Miss from cloudfront
content-type
text/css;charset=UTF-8
via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-content-type-options
nosniff
x-amz-cf-id
blQVyyf1cti0koLCQDzt-CgqZYH16beObF6mderA1ol8iyRTpdJY6w==
x-xss-protection
1; mode=block
icomoon.css
sso.notretemps.com/auth/resources/isspx/login/notretemps.com/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://sso.notretemps.com/auth/resources/isspx/login/notretemps.com/css/icomoon.css
Requested by
Host: sso.notretemps.com
URL: https://sso.notretemps.com/auth/realms/bayard/protocol/openid-connect/auth?client_id=notretemps.com&redirect_uri=https%3A%2F%2Fwww.notretemps.com%2Floginsucess%3Fga_cid%3D440064211.1584035596%26ga_time%3D1591692301&state=04e0f279-2549-4de9-ae32-282a776d0489&response_mode=fragment&response_type=code&scope=openid&nonce=2d141d9a-1929-476c-807c-507d2d4762ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-20.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
0d84daf07101f362ef5454cf7dc048eaf8e40116930d21d4e62e89f265a187b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 08:24:48 GMT
content-encoding
gzip
referrer-policy
no-referrer
server
nginx
x-amz-cf-pop
FRA60-P2
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Miss from cloudfront
content-type
text/css;charset=UTF-8
via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-content-type-options
nosniff
x-amz-cf-id
9sprdISKHww_FA3c1_keFVRfFOo4m5TESpyMls8oDVBTWbGSHGY2Mg==
x-xss-protection
1; mode=block
logo.svg
sso.notretemps.com/auth/resources/isspx/login/notretemps.com/img/
3 KB
2 KB
Image
General
Full URL
https://sso.notretemps.com/auth/resources/isspx/login/notretemps.com/img/logo.svg
Requested by
Host: sso.notretemps.com
URL: https://sso.notretemps.com/auth/realms/bayard/protocol/openid-connect/auth?client_id=notretemps.com&redirect_uri=https%3A%2F%2Fwww.notretemps.com%2Floginsucess%3Fga_cid%3D440064211.1584035596%26ga_time%3D1591692301&state=04e0f279-2549-4de9-ae32-282a776d0489&response_mode=fragment&response_type=code&scope=openid&nonce=2d141d9a-1929-476c-807c-507d2d4762ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-20.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
11a4e3762b6df9db7ae00faf0ba1748ae3e5d04b26391fd7bb12454ba8f0dadd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 08:24:48 GMT
content-encoding
gzip
referrer-policy
no-referrer
server
nginx
x-amz-cf-pop
FRA60-P2
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Miss from cloudfront
content-type
image/svg+xml
via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-content-type-options
nosniff
x-amz-cf-id
THov9fyyO45VVgxNI13eD8xtx0o8mOum0ZGqx6t2Anjx-DOl_SB_MA==
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/
362 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KP37JNG
Requested by
Host: sso.notretemps.com
URL: https://sso.notretemps.com/auth/realms/bayard/protocol/openid-connect/auth?client_id=notretemps.com&redirect_uri=https%3A%2F%2Fwww.notretemps.com%2Floginsucess%3Fga_cid%3D440064211.1584035596%26ga_time%3D1591692301&state=04e0f279-2549-4de9-ae32-282a776d0489&response_mode=fragment&response_type=code&scope=openid&nonce=2d141d9a-1929-476c-807c-507d2d4762ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a26428904b281501298ebe448a14939077f4e4e32be46e08e19d2d9d9149af55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 08:24:48 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95665
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 12 Jul 2022 08:24:48 GMT
icomoon.ttf
sso.notretemps.com/auth/resources/isspx/login/notretemps.com/fonts/
8 KB
9 KB
Font
General
Full URL
https://sso.notretemps.com/auth/resources/isspx/login/notretemps.com/fonts/icomoon.ttf?mshqbu
Requested by
Host: sso.notretemps.com
URL: https://sso.notretemps.com/auth/resources/isspx/login/notretemps.com/css/icomoon.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-20.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
430aa781867311381d9e02e89109446014ca8991ba76fe086ad3f90710903518
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://sso.notretemps.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 08:24:48 GMT
via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
referrer-policy
no-referrer
server
nginx
x-amz-cf-pop
FRA60-P2
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Miss from cloudfront
content-type
application/octet-stream
x-xss-protection
1; mode=block
cache-control
max-age=2592000
content-length
8648
x-content-type-options
nosniff
x-amz-cf-id
UT0JDg1OaePnItG-Mi543XZCOo5RzaGF2zEgkxJ5IFkn12WaPu7Miw==
js
www.googletagmanager.com/gtag/
196 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1KYSRH2EDD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP37JNG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0acaa7ce840f8840c64123bb226ee6379fd1ddf43fee22a8afc72d5432ef1129
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 08:24:48 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71175
x-xss-protection
0
expires
Tue, 12 Jul 2022 08:24:48 GMT
loader.js
sdk.privacy-center.org/62d49a58-db6d-4c51-8765-ffeab500ecb9/
17 KB
6 KB
Script
General
Full URL
https://sdk.privacy-center.org/62d49a58-db6d-4c51-8765-ffeab500ecb9/loader.js?target=sso.notretemps.com
Requested by
Host: sso.notretemps.com
URL: https://sso.notretemps.com/auth/realms/bayard/protocol/openid-connect/auth?client_id=notretemps.com&redirect_uri=https%3A%2F%2Fwww.notretemps.com%2Floginsucess%3Fga_cid%3D440064211.1584035596%26ga_time%3D1591692301&state=04e0f279-2549-4de9-ae32-282a776d0489&response_mode=fragment&response_type=code&scope=openid&nonce=2d141d9a-1929-476c-807c-507d2d4762ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
2c96596a31c4b7c7c686aa9e773665a798af44835173034c597be6eaeb803b81

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 08:24:48 GMT
content-encoding
gzip
x-didomi-remote-config-source
Dynamo
server
CloudFront
x-amz-cf-pop
FRA60-P4
etag
"8921247be01418dbf12655d8b8a1cbbd"
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
cache-control
max-age=7200, public
content-length
5362
x-amz-cf-id
1lXYSE1BrAW0a60UapMNHbvLm5d8NRtABb43LuzxtLs9oGM5J6RFhg==
gtm.js
www.googletagmanager.com/
213 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M63F6W7
Requested by
Host: sso.notretemps.com
URL: https://sso.notretemps.com/auth/realms/bayard/protocol/openid-connect/auth?client_id=notretemps.com&redirect_uri=https%3A%2F%2Fwww.notretemps.com%2Floginsucess%3Fga_cid%3D440064211.1584035596%26ga_time%3D1591692301&state=04e0f279-2549-4de9-ae32-282a776d0489&response_mode=fragment&response_type=code&scope=openid&nonce=2d141d9a-1929-476c-807c-507d2d4762ef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec6f3306553a8479965f2a57764024f24cea80fc2e5578fcc05a4eeb51ec0446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 08:24:48 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71413
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 12 Jul 2022 08:24:48 GMT
ads.js
static.bayard.io/global/
21 B
465 B
Script
General
Full URL
https://static.bayard.io/global/ads.js?v=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP37JNG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-86.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e5310e41145ca8fc00f20409c02a43e53eeb6d874ba381ee47255418eb4da9a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
3GkP12yyBreuAiM0M3V6cZGD1z7AAJWn
via
1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront)
etag
"974ce304e0ed7f13c68001cc94a0f129"
age
2549337
x-cache
Hit from cloudfront
x-amz-meta-ctime
1560432772
x-amz-meta-mode
33204
content-length
21
last-modified
Thu, 13 Jun 2019 13:32:53 GMT
server
AmazonS3
date
Sun, 12 Jun 2022 20:19:00 GMT
x-amz-meta-uid
0
x-amz-meta-gid
0
x-amz-cf-pop
FRA2-C2
content-type
application/javascript
x-amz-cf-id
8TAJQcysi1ZdGmnpOTcn2pWaLb0FMz3I5ziCUYcCFCG1AS9Xm9AyQQ==
x-amz-meta-mtime
1549466699
collect
region1.google-analytics.com/g/
0
348 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-1KYSRH2EDD&gtm=2oe7b0&_p=2057260531&_z=ccd.v9B&cid=2115201181.1657614288&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fsso.notretemps.com%2Fauth%2Frealms%2Fbayard%2Fprotocol%2Fopenid-connect%2Fauth&sid=1657614288&sct=1&seg=0&dt=Se%20connecter%20%C3%A0%20bayard&en=scroll&_fv=1&_nsi=1&_ss=1&ep.page_hostname=sso.notretemps.com&ep.gtm_container_id=GTM-KP37JNG&ep.h1=Me%20connecter&ep.canonical=null&ep.amp_page=null&ep.browser_size=1600*1200&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1KYSRH2EDD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 08:24:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sso.notretemps.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.e7b463d0365bc2cc2b9514729edd11ec2827336b.js
sdk.privacy-center.org/
392 KB
87 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk.e7b463d0365bc2cc2b9514729edd11ec2827336b.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/62d49a58-db6d-4c51-8765-ffeab500ecb9/loader.js?target=sso.notretemps.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d49f963d4e46b706ad892eac48dd29bd00d923feb6acb8cd49ad959d2be4430d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 11 Jul 2022 11:32:07 GMT
content-encoding
gzip
last-modified
Mon, 11 Jul 2022 11:26:04 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1657538310/ctime:1657538310/gid:0/gname:root/md5:3032175f6a1dde8421b137b1408de0eb/mode:33188/mtime:1657538310/uid:0/uname:root
age
75162
etag
W/"3032175f6a1dde8421b137b1408de0eb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
VxtIDVRJz2KQ4tHjqXjKBly_dsI717x9cL66AbMed7z3d38Z5lPDKw==
ui-gdpr-en.e7b463d0365bc2cc2b9514729edd11ec2827336b.js
sdk.privacy-center.org/
266 KB
55 KB
Script
General
Full URL
https://sdk.privacy-center.org/ui-gdpr-en.e7b463d0365bc2cc2b9514729edd11ec2827336b.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk.e7b463d0365bc2cc2b9514729edd11ec2827336b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2600:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24bcc123bfd19e15f79c2498e53f14cb987643b9bec950f256682a1f93599287

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 11 Jul 2022 11:32:07 GMT
content-encoding
gzip
last-modified
Mon, 11 Jul 2022 11:26:09 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1657538310/ctime:1657538310/gid:0/gname:root/md5:878ad79cedb76ab1bd82e85e857d3ba2/mode:33188/mtime:1657538310/uid:0/uname:root
age
75162
etag
W/"878ad79cedb76ab1bd82e85e857d3ba2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
XmX_lYbw-hrJtPwpbaFmxDdp42ZCXSXWhTRbGnOJ54F4OgshJ7tzpg==
landing
pagead2.googlesyndication.com/pagead/
42 B
548 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=G100&rnd=1184191550.1657614289&url=https%3A%2F%2Fsso.notretemps.com%2Fauth%2Frealms%2Fbayard%2Fprotocol%2Fopenid-connect%2Fauth&gtm=2wg7b0KP37JNG
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KP37JNG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 08:24:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
api.privacy-center.org/v1/
0
0
Preflight
General
Full URL
https://api.privacy-center.org/v1/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:ca00:d:2044:5c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://sso.notretemps.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
date
Tue, 12 Jul 2022 08:24:48 GMT
vary
Access-Control-Request-Headers
via
1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
x-amz-cf-id
dp8k1YwBnF2Oc5mhDdMjGFhNEdFtLX-eT4T7R1iE4b0NCBIWWrK6UQ==
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
x-powered-by
Express
events
api.privacy-center.org/v1/
0
524 B
XHR
General
Full URL
https://api.privacy-center.org/v1/events
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk.e7b463d0365bc2cc2b9514729edd11ec2827336b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:ca00:d:2044:5c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 12 Jul 2022 08:24:48 GMT
via
1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P1
surrogate-control
no-store
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
strict-transport-security
max-age=15552000; includeSubDomains
x-xss-protection
1; mode=block
pragma
no-cache
allow
POST
x-frame-options
SAMEORIGIN
etag
W/"4-K+iMpCQsduglOsYkdIUQZQMtaDM"
x-download-options
noopen
vary
Accept
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-amz-cf-id
oT8bK5nmlghHfE5-lbv7azK1aqXbWOQh68RvIYSPDCUZOUEtRWhMow==
expires
0
logo.svg
www.notretemps.com/images/notretemps/
3 KB
2 KB
Image
General
Full URL
https://www.notretemps.com/images/notretemps/logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-97.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
11a4e3762b6df9db7ae00faf0ba1748ae3e5d04b26391fd7bb12454ba8f0dadd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 15:51:11 GMT
content-encoding
gzip
last-modified
Thu, 30 Jun 2022 13:08:05 GMT
server
nginx
age
1010017
etag
W/"62bda035-bd4"
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
quiz.notretemps.com
cache-control
max-age=31104000, public
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
KWWc4QrU1T1s_if5ZVF3tqCVdrX1JusX9U8xfumubuA5C-cLpDrETw==
via
1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • object| launchQueue
  • object| onbeforematch
  • function| getScreenDetails
  • function| queryLocalFonts
  • object| navigation
  • object| dataLayer
  • function| togglePassword
  • object| google_tag_manager
  • boolean| gdprAppliesGlobally
  • function| __tcfapi
  • function| setCookie
  • function| onYouTubeIframeAPIReady
  • string| statut
  • function| retry
  • function| isIE10OrLater
  • function| detectPrivateMode
  • boolean| adblock
  • object| google_tag_data
  • object| gaGlobal
  • object| didomiRemoteConfig
  • string| didomiCountry
  • object| didomiGeoRegulations
  • object| webpackJsonpDidomi
  • function| setImmediate
  • function| clearImmediate
  • object| Didomi
  • object| didomiOnReady
  • object| didomiEventListeners
  • object| DidomiSanitizing
  • object| googletag
  • object| adsbygoogle
  • object| didomiState
  • object| regeneratorRuntime

13 Cookies

Domain/Path Name / Value
sso.notretemps.com/auth/realms/bayard/ Name: AUTH_SESSION_ID
Value: 5f28a277-19b4-4576-97ce-5f9d8e513f26.keycloakc102
sso.notretemps.com/auth/realms/bayard/ Name: AUTH_SESSION_ID_LEGACY
Value: 5f28a277-19b4-4576-97ce-5f9d8e513f26.keycloakc102
sso.notretemps.com/auth/realms/bayard/ Name: KC_RESTART
Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIyZDUxMWMxMy00ODVmLTRjNzAtOGMxMy02YTJhYjRmMmM1YzgifQ.eyJjaWQiOiJub3RyZXRlbXBzLmNvbSIsInB0eSI6Im9wZW5pZC1jb25uZWN0IiwicnVyaSI6Imh0dHBzOi8vd3d3Lm5vdHJldGVtcHMuY29tL2xvZ2luc3VjZXNzP2dhX2NpZD00NDAwNjQyMTEuMTU4NDAzNTU5NiZnYV90aW1lPTE1OTE2OTIzMDEiLCJhY3QiOiJBVVRIRU5USUNBVEUiLCJub3RlcyI6eyJzY29wZSI6Im9wZW5pZCIsImlzcyI6Imh0dHBzOi8vc3NvLm5vdHJldGVtcHMuY29tL2F1dGgvcmVhbG1zL2JheWFyZCIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6Ly93d3cubm90cmV0ZW1wcy5jb20vbG9naW5zdWNlc3M_Z2FfY2lkPTQ0MDA2NDIxMS4xNTg0MDM1NTk2JmdhX3RpbWU9MTU5MTY5MjMwMSIsInN0YXRlIjoiMDRlMGYyNzktMjU0OS00ZGU5LWFlMzItMjgyYTc3NmQwNDg5Iiwibm9uY2UiOiIyZDE0MWQ5YS0xOTI5LTQ3NmMtODA3Yy01MDdkMmQ0NzYyZWYiLCJyZXNwb25zZV9tb2RlIjoiZnJhZ21lbnQifX0.ct1w7U-gINwf7KnY2SO--PL9gWiYR6bG_baukmc5z8Y
.notrefamille.com/ Name: AMCV_551310525D816F350A495C48%40AdobeOrg
Value: MCMID%7C28079943676655042550935902098539675647
.notrefamille.com/ Name: nlid
Value: 46658d53|5cd66765
.notrefamille.com/ Name: nllastdelid
Value: 5cd66765
sso.notretemps.com/ Name: AWSALB
Value: 0z50ccT7cdNeFtU/lGxX2k2Ub3cfbiTnI9LfZgj4NFc2kSTv13puLTNFQc2/XAS1kH7tb4ATkyGHGjjxebxyeXRkEKnOJf2c/z98Xp9poIVrcohI+6NryHqg8aQT
sso.notretemps.com/ Name: AWSALBCORS
Value: 0z50ccT7cdNeFtU/lGxX2k2Ub3cfbiTnI9LfZgj4NFc2kSTv13puLTNFQc2/XAS1kH7tb4ATkyGHGjjxebxyeXRkEKnOJf2c/z98Xp9poIVrcohI+6NryHqg8aQT
.notretemps.com/ Name: __utmzz
Value: utmcsr=(direct)|utmcmd=(none)|utmccn=(not set)
.notretemps.com/ Name: __utmzzses
Value: 1
.notretemps.com/ Name: _ga_1KYSRH2EDD
Value: GS1.1.1657614288.1.0.1657614288.0
.notretemps.com/ Name: _ga
Value: GA1.1.2115201181.1657614288
.notretemps.com/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMTgxZjE4MmMtNmVjOC02MDY1LTliZWEtMWM4MjgxYjZlMjBiIiwiY3JlYXRlZCI6IjIwMjItMDctMTJUMDg6MjQ6NDguNjgwWiIsInVwZGF0ZWQiOiIyMDIyLTA3LTEyVDA4OjI0OjQ4LjY4MFoiLCJ2ZXJzaW9uIjpudWxsfQ==

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
