URL: https://img01.damedetrefle.com/
Submission: On June 06 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 21 HTTP transactions. The main IP is 217.160.0.112, located in Germany, and belongs to IONOS-AS (the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom; formerly known as 1&1 Internet SE), DE. The main domain is img01.damedetrefle.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on January 29th 2024. Valid for: a year.
This is the only time img01.damedetrefle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
6 | 217.160.0.112 | 8560 | IONOS-AS ...
2 | 2606:4700:20:... | 13335 | CLOUDFLAR...
2 | 142.250.184.194 | 15169 | GOOGLE
2 | 2a00:1450:400... | 15169 | GOOGLE
2 | 2a00:1450:400... | 15169 | GOOGLE
5 (1 redirect) | 2a01:4f8:fff3... | 24940 | HETZNER-AS
1 | 2001:4860:480... | 15169 | GOOGLE
2 | 34.95.64.249 | 396982 | GOOGLE-CL...
Total: 21 requests, 9 IPs
Apex Domain
Subdomains
Transfer
7 consentframework.com
cache.consentframework.com — Cisco Umbrella Rank: 46060
choices.consentframework.com — Cisco Umbrella Rank: 43222
api.consentframework.com — Cisco Umbrella Rank: 42850
171 KB
6 damedetrefle.com
img01.damedetrefle.com
52 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 65
region1.google-analytics.com — Cisco Umbrella Rank: 2406
21 KB
2 bmad.xyz
bmad.xyz — Cisco Umbrella Rank: 686840
134 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
187 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
195 KB
21 6
Domain Requested by
6 img01.damedetrefle.com img01.damedetrefle.com
5 api.consentframework.com 1 redirects img01.damedetrefle.com
choices.consentframework.com
2 bmad.xyz img01.damedetrefle.com
2 www.google-analytics.com img01.damedetrefle.com
www.google-analytics.com
2 www.googletagmanager.com img01.damedetrefle.com
www.google-analytics.com
2 pagead2.googlesyndication.com img01.damedetrefle.com
pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 choices.consentframework.com img01.damedetrefle.com
1 cache.consentframework.com img01.damedetrefle.com
21 9

This site contains links to these domains.

Domain
www.pagesjaunes.fr
www.7tarot.fr
mespremiersbitcoins.com
www.consentframework.com

Subject | Issuer | Validity | Valid for
*.damedetrefle.com | Encryption Everywhere DV TLS CA - G2 | 2024-01-29 - 2025-02-12 | a year
consentframework.com | E1 | 2024-05-21 - 2024-08-19 | 3 months
*.g.doubleclick.net | WR2 | 2024-05-21 - 2024-08-13 | 3 months
*.google-analytics.com | WR2 | 2024-05-21 - 2024-08-13 | 3 months
*.consentframework.com | RapidSSL TLS RSA CA G1 | 2024-02-19 - 2025-03-20 | a year
bmad.xyz | WR3 | 2024-05-17 - 2024-08-15 | 3 months

This page contains 1 frame:

Primary Page: https://img01.damedetrefle.com/
Frame ID: 14456E6164A3F2410A763A56510A5A2C
Requests: 22 HTTP requests in this frame

Page Title

Le Portail des Arts Divinatoires et Ésotériques - Dame de Tréfle

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 21
HTTPS: 95 %
IPv6: 63 %
Domains: 6
Subdomains: 9
IPs: 9
Countries: 2
Transfer: 760 kB
Size: 1990 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://api.consentframework.com/api/v1/public/profile?origin=https://img01.damedetrefle.com HTTP 302
  • https://api.consentframework.com/api/v1/public/profile?bounce=1

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
img01.damedetrefle.com/
31 KB
10 KB
Document
General
Full URL
https://img01.damedetrefle.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.112 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-112.elastic-ssl.ui-r.com
Software
Apache / FunyM/1.8c
Resource Hash
b834fffe71f9e10854f6371d88aa5083497afa8f3794ade87dadad40f303656e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=iso-8859-1
date
Thu, 06 Jun 2024 03:31:03 GMT
server
Apache
vary
Accept-Encoding
x-powered-by
FunyM/1.8c
stub
cache.consentframework.com/js/pa/25251/c/uFHdg/
2 KB
1 KB
Script
General
Full URL
https://cache.consentframework.com/js/pa/25251/c/uFHdg/stub
Requested by
Host: img01.damedetrefle.com
URL: https://img01.damedetrefle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbb0cbb3ed6239cd63bc945a0e480633034cde30f1e0fc7de56a75b2a7c350a8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img01.damedetrefle.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 03:31:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains; preload
cf-cache-status
EXPIRED
last-modified
Wed, 05 Jun 2024 15:10:38 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GataI8IC78liO6rvlKQp92S0nmpPYc0orzkXAk%2B3b7sVpmAuUUAz%2BRq5o8wmJj72o6TXynhA1pu5fWlYtaMdsQ2eHqxD5lwKfXJ0JWUqrjB6zmUSQBSgen7YGtVfRy%2Fc3jkPZLoUy6xGMa%2Bfw7uoaqmjKw%2BSUUV2"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
cf-ray
88f553cdacc11e45-FRA
cmp
choices.consentframework.com/js/pa/25251/c/uFHdg/
607 KB
168 KB
Script
General
Full URL
https://choices.consentframework.com/js/pa/25251/c/uFHdg/cmp
Requested by
Host: img01.damedetrefle.com
URL: https://img01.damedetrefle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f01eea33ca4e4be058fbdc4081a6286bba8b58d6718d123f8d3f808c5dd3c6e7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img01.damedetrefle.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 03:31:04 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains; preload
cf-cache-status
EXPIRED
last-modified
Wed, 05 Jun 2024 20:47:18 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FnqaLxI0Hemf5ThUm3%2Bn77Li2TkGfG5nOGW8Me%2BhF97Fu359C2TLsqf0f9mYmWxx4RPL2MKXSCJtVU6Zc%2FszSYFxfjL6BcwvHBoADgMyaMLKU7cB8C6VCk%2BC96XqI9CWs4I8WgqpYrVzHS3xAYIzTO2bIrrnY72BTEo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
cf-ray
88f553cda8e7363f-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
155 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: img01.damedetrefle.com
URL: https://img01.damedetrefle.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
68b1a7489fa4c27dad3eb9fe2c07a4cb07fb34556ca153b6abec51679fbcab4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img01.damedetrefle.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 03:31:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52118
x-xss-protection
0
server
cafe
etag
10183153127643696821
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 06 Jun 2024 03:31:04 GMT
image_tirage_7tarotFr.jpg
img01.damedetrefle.com/images/uparticles/
23 KB
23 KB
Image
General
Full URL
https://img01.damedetrefle.com/images/uparticles/image_tirage_7tarotFr.jpg
Requested by
Host: img01.damedetrefle.com
URL: https://img01.damedetrefle.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.112 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-112.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
c618361853af134addacab004712e9fab2efa12377e84caae08ab279d7b2f7dd
Security Headers
Name Value
X-Content-Type-Options nosniff”
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img01.damedetrefle.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 03:31:03 GMT
x-content-type-options
nosniff”
last-modified
Sun, 20 Dec 2020 12:05:40 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
23595
x-xss-protection
1; mode=block
expires
Thu, 13 Jun 2024 03:31:03 GMT
adloader-v20180820.js
img01.damedetrefle.com/js/
2 KB
1 KB
Script
General
Full URL
https://img01.damedetrefle.com/js/adloader-v20180820.js
Requested by
Host: img01.damedetrefle.com
URL: https://img01.damedetrefle.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.112 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-112.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
c90352ce0e93d965d4254e3eed20db62cb35d803644be1dd2e30c6cc1fc361b4
Security Headers
Name Value
X-Content-Type-Options nosniff”
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img01.damedetrefle.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 03:31:03 GMT
content-encoding
gzip
x-content-type-options
nosniff”
last-modified
Mon, 20 Aug 2018 20:13:14 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/javascript
cache-control
max-age=604800, proxy-revalidate
accept-ranges
bytes
content-length
1140
x-xss-protection
1; mode=block
expires
Thu, 13 Jun 2024 03:31:03 GMT
knacss-minified-v1.css
img01.damedetrefle.com/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://img01.damedetrefle.com/css/knacss-minified-v1.css
Requested by
Host: img01.damedetrefle.com
URL: https://img01.damedetrefle.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.112 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-112.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
63fc386b9b6c2e44ea21afda1831341dfd8d96cfc661cec1a5b17392f51e7ed6
Security Headers
Name Value
X-Content-Type-Options nosniff”
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img01.damedetrefle.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 03:31:04 GMT
content-encoding
gzip
x-content-type-options
nosniff”
last-modified
Sun, 15 Jul 2018 17:46:37 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=604800, proxy-revalidate
accept-ranges
bytes
content-length
2004
x-xss-protection
1; mode=block
expires
Thu, 13 Jun 2024 03:31:04 GMT
gtm.js
www.googletagmanager.com/
280 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KSQM8ZT
Requested by
Host: img01.damedetrefle.com
URL: https://img01.damedetrefle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f9a1838ccb6299a1ac515585aa61cc1acc5ced1c263dc9007b4a5ff95bf40e4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img01.damedetrefle.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 03:31:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97544
x-xss-protection
0
last-modified
Thu, 06 Jun 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 06 Jun 2024 03:31:04 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: img01.damedetrefle.com
URL: https://img01.damedetrefle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img01.damedetrefle.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 06 Jun 2024 01:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6601
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 06 Jun 2024 03:41:03 GMT
banniere_accueil_1120.png
img01.damedetrefle.com/site-images/
14 KB
15 KB
Image
General
Full URL
https://img01.damedetrefle.com/site-images/banniere_accueil_1120.png
Requested by
Host: img01.damedetrefle.com
URL: https://img01.damedetrefle.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.112 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-112.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
7693185990e4a090c0678bc2f0506cd2e725717f5cb13a197eef85d3adfba858
Security Headers
Name Value
X-Content-Type-Options nosniff”
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img01.damedetrefle.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 03:31:04 GMT
x-content-type-options
nosniff”
last-modified
Sun, 03 Jun 2018 17:40:34 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
User-Agent
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
14640
x-xss-protection
1; mode=block
expires
Thu, 13 Jun 2024 03:31:04 GMT
truncated
/
103 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f93888fe5643072630e3ec47b1a697786f0dccc7a57feb711738670315c2996b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
collect
www.google-analytics.com/j/
15 B
225 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1793957692&t=pageview&_s=1&dl=https%3A%2F%2Fimg01.damedetrefle.com%2F&ul=de-de&de=windows-1252&dt=Le%20Portail%20des%20Arts%20Divinatoires%20et%20%C3%89sot%C3%A9riques%20-%20Dame%20de%20Tr%C3%A9fle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1295517559&gjid=941092927&cid=1712825400.1717644664&tid=UA-10596689-1&_gid=310859412.1717644664&_r=1&_slc=1&z=139723773
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e8bb32f036436281b4398feaf3c4ed41e712838bea0e911d2407ede56f996860
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://img01.damedetrefle.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 06 Jun 2024 03:31:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://img01.damedetrefle.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/
425 KB
144 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7820720639723193&plah=img01.damedetrefle.com&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
08d4b2e3b71b4b5a54100acb31a6f1a7d7a841408329354adfb371bd9efbda27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img01.damedetrefle.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 03:31:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147236
x-xss-protection
0
server
cafe
etag
1485649681782902454
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 06 Jun 2024 03:31:04 GMT
js
www.googletagmanager.com/gtag/
259 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BVPEPKEZB5&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
801388d237d451f3fa5455d5f52c9c53a1b239b174c7e8e7d1abc73f095b5457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img01.damedetrefle.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 03:31:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93594
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 06 Jun 2024 03:31:04 GMT
profile
api.consentframework.com/api/v1/public/
Redirect Chain
  • https://api.consentframework.com/api/v1/public/profile?origin=https://img01.damedetrefle.com
  • https://api.consentframework.com/api/v1/public/profile?bounce=1
40 B
421 B
Fetch
General
Full URL
https://api.consentframework.com/api/v1/public/profile?bounce=1
Requested by
Host: img01.damedetrefle.com
URL: https://img01.damedetrefle.com/
Protocol
HTTP/1.1
Server
2a01:4f8:fff3:f:: , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
/
Resource Hash
7f14f779080b7a36e6a0aa05632a2571bf7887b65d8d90a939d7a645d6abb111
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://img01.damedetrefle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Thu, 06 Jun 2024 03:31:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://img01.damedetrefle.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
content-type
Content-Length
40

Redirect headers

Date
Thu, 06 Jun 2024 03:31:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://img01.damedetrefle.com
Location
https://api.consentframework.com/api/v1/public/profile?bounce=1
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
content-type
Content-Length
86
collect
region1.google-analytics.com/g/
0
258 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-BVPEPKEZB5&gtm=45je4630v9135399533za200&_p=1717644664002&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&ul=de-de&sr=1600x1200&cid=1712825400.1717644664&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fimg01.damedetrefle.com%2F&dt=Le%20Portail%20des%20Arts%20Divinatoires%20et%20%C3%89sot%C3%A9riques%20-%20Dame%20de%20Tr%C3%A9fle&sid=1717644664&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=403
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BVPEPKEZB5&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img01.damedetrefle.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 06 Jun 2024 03:31:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://img01.damedetrefle.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tcstring
api.consentframework.com/api/v1/public/
25 B
454 B
Fetch
General
Full URL
https://api.consentframework.com/api/v1/public/tcstring
Requested by
Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/25251/c/uFHdg/cmp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:fff3:f:: , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
/
Resource Hash
6d24890b5608b6d182f02198897f50f220a40b66a08751a443ac714bf6f86602
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img01.damedetrefle.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 06 Jun 2024 03:31:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://img01.damedetrefle.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
content-type
Content-Length
25
favicon.ico
img01.damedetrefle.com/
514 B
852 B
Other
General
Full URL
https://img01.damedetrefle.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.0.112 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
217-160-0-112.elastic-ssl.ui-r.com
Software
Apache /
Resource Hash
ce42ff6703dd4e4574ecc8f4d2e8e3c94fbaa2e0d47b2871b65f384d48fcb9c3
Security Headers
Name Value
X-Content-Type-Options nosniff”
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img01.damedetrefle.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 03:31:04 GMT
content-encoding
gzip
x-content-type-options
nosniff”
last-modified
Sun, 03 Jun 2018 17:41:39 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
image/vnd.microsoft.icon
cache-control
max-age=29030400, public
accept-ranges
bytes
content-length
537
x-xss-protection
1; mode=block
expires
Thu, 08 May 2025 03:31:04 GMT
pi.js
bmad.xyz/
21 KB
22 KB
Script
General
Full URL
https://bmad.xyz/pi.js
Requested by
Host: img01.damedetrefle.com
URL: https://img01.damedetrefle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.64.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.64.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
efb8976b994144ffe643122f0b021e7999bb80736e17160f8b4417bf04b9b7fc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img01.damedetrefle.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 02:41:35 GMT
age
2969
x-guploader-uploadid
ABPtcPrddB28cYbn9OKGEWE6rFSPPh47X4gg2fyzY4N1i85zAmb1eOqNzCmh5iyTooooJO7zVn0OY4-uWw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21696
last-modified
Thu, 13 Apr 2023 11:14:14 GMT
server
UploadServer
etag
"a2dea629b606f98b8e5d2836281aa875"
x-goog-generation
1681384454924861
x-goog-hash
crc32c=zT04ng==, md5=ot6mKbYG+YuOXSg2KBqodQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
21696
accept-ranges
bytes
content-type
text/javascript
consent-string
api.consentframework.com/api/v1/public/
217 B
559 B
Fetch
General
Full URL
https://api.consentframework.com/api/v1/public/consent-string
Requested by
Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/25251/c/uFHdg/cmp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:fff3:f:: , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
/
Resource Hash
2e1abae46a908e4e9fe577e8c6fd777219bf34af561ad5b224375cb5dcd55ec5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://img01.damedetrefle.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 06 Jun 2024 03:31:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://img01.damedetrefle.com
Cache-Control
no-store
Connection
keep-alive
Access-Control-Allow-Headers
content-type
Content-Length
217
user-action
api.consentframework.com/api/v1/public/
0
293 B
Fetch
General
Full URL
https://api.consentframework.com/api/v1/public/user-action
Requested by
Host: choices.consentframework.com
URL: https://choices.consentframework.com/js/pa/25251/c/uFHdg/cmp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:fff3:f:: , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://img01.damedetrefle.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://img01.damedetrefle.com
Date
Thu, 06 Jun 2024 03:31:04 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Access-Control-Allow-Headers
content-type
Content-Length
0
prebid_8f6508153308d7909fe02ce3bc2e17ef.gz
bmad.xyz/
113 KB
113 KB
Fetch
General
Full URL
https://bmad.xyz/prebid_8f6508153308d7909fe02ce3bc2e17ef.gz
Requested by
Host: img01.damedetrefle.com
URL: https://img01.damedetrefle.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.64.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.64.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6aa7c072be709fcac23bc09323e84cdd3f9649ead7646034be58326d21e32fed

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img01.damedetrefle.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 06 Jun 2024 03:31:04 GMT
age
0
x-guploader-uploadid
ABPtcPqVS6ig0shnHoI6BdbQAvuhwH5tXUuGHavbRmLGhDM-dlMvGTnr1Urub9oHBQBDD4JOiLzDDBmFUA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115206
last-modified
Wed, 15 Nov 2023 15:25:15 GMT
server
UploadServer
etag
"bb05f32c58f7294e603952f03cc8cd0f"
x-goog-generation
1700061915289402
x-goog-hash
crc32c=v3nc8Q==, md5=uwXzLFj3KU5gOVLwPMjNDw==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
115206
accept-ranges
bytes
content-type
application/gzip

259 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| __sdcmpapi function| __tcfapi function| loadCSS object| dataLayer object| adsbygoogle function| adsenseLoaderConfig function| adsenseLoader string| GoogleAnalyticsObject function| ga function| DisplayOffPub function| DisplayOnPub function| fMenuDomaine function| fMenuOption function| fMenuOptionDomaine object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| s object| SDDAN object| regeneratorRuntime object| Sddan object| google_tag_manager function| s_hsp function| mt_sdp number| mt_gdpr_on object| mt_gdpr_content boolean| mt_4 string| mt_9 number| mt_ext_stat number| mt_ext_stat_send boolean| mt_bid_cache boolean| mt_cmp_on number| mt_cmp_opt_lvl number| mt_dbstat_on number| mt_dbstat_cmp_only boolean| mt_l_result_found number| mt_8 number| mt_gv object| mt_temp_params number| mt_global_build_time object| mt_special_params object| mt_stopped_tags object| mt_google_slot_statuses object| mt_cl function| mt_get_container number| mt_start_loading_time function| checkReffererInner function| checkIsBot function| detectTrafficSource function| mt_check_cmp_purpose function| testCMP function| mt_lg function| mt_add_temp_param function| mt_th function| mt_add_hb_history function| mt_add_google_history function| mt_ib function| mt_search_divs function| mt_search_div function| mt_f function| mt_f_sub function| mt_i function| mt_gtt function| mt_get_tag_by_id function| mt_get_tag_by_block function| mt_mod_pb_hist function| mt_set_pb_hist function| 
mt_get_el_desc function| mt_l function| mt_sc function| mt_cp function| mt_get_geo function| mt_check_image function| intFromBytes function| bin2String function| mt_cb function| check_double_time_diap function| check_time_diap function| mt_rds function| mt_rdn function| mt_rde function| mt_ggr function| mt_ci function| mt_cg function| mt_cc function| slsc function| clsc function| glsc function| mt_clo function| mt_check_block_mask_id function| mt_check_block_pattern function| mt_check_mask_pattern function| mt_undnone_elements function| mt_pi function| mt_xr function| mt_set_tag_leveling function| mt_get_day_of_week function| mt_put_wrapper function| mt_custom_replace function| mt_check_have_childs function| mt_use_teplate function| und function| mt_rp function| clear_id function| mt_check_ip function| mt_throttle_check function| mt_cbo function| mt_v function| mt_get_domain function| mt_cbac function| mt_se function| lrm function| lgf function| chr function| adh function| mt_filter_script_repeat function| mt_filter_custom_triggers function| mt_filter_stop function| mt_filter_sizes function| mt_filter_iterations function| mt_filter_cmp function| mt_mlt_filter_template function| mt_mlt_filter_auto_placement function| mt_mlt_filter_multi_blocks function| mt_fsbl function| mt_bl_ex function| mt_ch_mltb number| mt_prebid_timeout_default number| mt_prebid_timeout boolean| mt_prebid_timeout_changed function| mt_h function| mt_9end_lib function| mt_rn function| mt_native_try_tag function| mt_a function| mt_pt function| mt_dt function| mt_s function| mt_spt function| mt_execute_passback function| mt_p function| disp function| mt_e number| mt_google_collector_activate_attempt function| mt_init_google_history function| s_g1 function| mt_receive_google_event function| mt_process_google_event function| mt_set_google_size function| s_g2 function| mt_check_google_ready function| mt_google_detect_activity function| mt_get_google_slot_by_id function| mt_clear_google_id function| 
mt_get_google_iframe_ad object| googletag function| mt_get_google_wrapper function| mt_st function| mt_ss object| cmp_list function| mt_get_cookie function| mt_register_cmp_events function| check_cmp_timer boolean| mt_cmp_refresh_activated function| check_tcf_api function| mt_refresh_tags_cmp object| mt_cmp_data number| variable_1 object| didomiEventListeners boolean| mt_tcf_api_event_set object| mt_custom_triggers object| mt_custom_triggers_to_tags object| mt_custom_triggers_options object| mt_custom_triggers_functions function| mt_pttg function| mt_process_triggers_array function| mt_process_triggers function| mt_process_trigger function| mt_process_filter function| mt_get_var_sub function| mt_check_google_ad_targeting boolean| mt_window_focus_state function| mt_srl function| mt_client_stat_add function| mt_add_client_stat function| mt_clear_client_stat function| mt_send_client_stat function| mt_client_stat_show function| mt_add_google_event_stat_click object| mt_client_click_iframe_stat_object function| mt_client_add_click_event function| mt_client_analyze function| mt_tag_have_deamon_leveling function| mt_client_deamon_leveling boolean| mt_blur_event_added function| mt_hbstat_process function| mt_so function| mt_add_dnone_stat function| mt_send_googletag_stat function| get_recursive_object function| mt_check_double_impression function| mt_send_double_impression_stat function| mt_start_double_impression_timer function| mt_add_google_send_stat_temp function| mt_add_google_send_stat function| mt_send_google_statistick function| mt_stat_get_connection_type function| mt_stat_get_os_type function| mt_stat_get_device_type function| mt_stat_get_browser_type function| mt_m function| mt_d object| mt_outdata object| mt_words_dict object| tag_templates boolean| p object| mt_t number| mt_5 function| google_sa_impl number| viewportHeight number| currentScroll object| rect object| top_element object| mt_10 object| mt_hb_history object| mt_1 object| mt_addunits__storage 
object| pbjs boolean| mt_3 object| pako object| pbjsChunk object| _pbjsGlobals object| ADAGIO boolean| mt_2 boolean| mt_3_end object| mt_lg_buffer number| mt_0 number| mt_time_old number| mt_time_new

5 Cookies

Domain/Path Name / Value
.damedetrefle.com/ Name: _ga
Value: GA1.2.1712825400.1717644664
.damedetrefle.com/ Name: _gid
Value: GA1.2.310859412.1717644664
.damedetrefle.com/ Name: _gat
Value: 1
.consentframework.com/ Name: euconsent-v2
Value: NO_CONSENT
.damedetrefle.com/ Name: _ga_BVPEPKEZB5
Value: GS1.2.1717644664.1.0.1717644664.0.0.0

3 Console Messages

Source Level URL
Text
other warning URL: https://img01.damedetrefle.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://img01.damedetrefle.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://img01.damedetrefle.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
