urlscan.io logo urlscan.io
SecurityTrails logo

www.sofiotheque.info Open in urlscan Pro
2606:4700:3030::ac43:960c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.sofiotheque.info/
Effective URL: https://www.sofiotheque.info/
Submission Tags: falconsandbox
Submission: On November 27 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 54 HTTP transactions. The main IP is 2606:4700:3030::ac43:960c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.sofiotheque.info.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 18th 2021. Valid for: a year.
This is the only time www.sofiotheque.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 141.94.99.191 16276 (OVH)
8 151.80.200.209 16276 (OVH)
1 2606:50c0:800... 54113 (FASTLY)
1 87.98.175.165 16276 (OVH)
1 151.80.200.208 16276 (OVH)
31 46.105.104.203 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
6 6 89.185.38.84 8426 (CLARANET-...)
3 89.185.38.100 8426 (CLARANET-...)
54 11
3    2606:4700:3030::ac43:960c (United States)

ASN13335 (CLOUDFLARENET, US)
www.sofiotheque.info
1    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh6.googleusercontent.com
3    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    141.94.99.191 (France)

ASN16276 (OVH, FR)
PTR: ns3198505.ip-141-94-99.eu
i.ibb.co
8    151.80.200.209 (Roubaix, France)

ASN16276 (OVH, FR)
tags.clickintext.net
1    2606:50c0:8000::153 (United States)

ASN54113 (FASTLY, US)
h.mrjaz.com
1    87.98.175.165 (France)

ASN16276 (OVH, FR)
PTR: ovh84.clickintext.com
fr.clickintext.net
1    151.80.200.208 (Roubaix, France)

ASN16276 (OVH, FR)
lb.apicit.net
31    46.105.104.203 (France)

ASN16276 (OVH, FR)
PTR: ns3111402.ip-46-105-104.eu
www-107-slidein.clickintext.net
www-107.clickintext.net
www-107-classic.clickintext.net
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    89.185.38.84 (Montmagny, France)

ASN8426 (CLARANET-AS ClaraNET LTD, GB)
tracking.publicidees.com
3    89.185.38.100 (Montmagny, France)

ASN8426 (CLARANET-AS ClaraNET LTD, GB)
ad.publicidees.com
Domain Requested by
20 www-107.clickintext.net tags.clickintext.net
www-107-classic.clickintext.net
www-107-slidein.clickintext.net
www.sofiotheque.info
8 tags.clickintext.net www.sofiotheque.info
lb.apicit.net
7 www-107-classic.clickintext.net tags.clickintext.net
lb.apicit.net
6 tracking.publicidees.com 6 redirects
4 www-107-slidein.clickintext.net tags.clickintext.net
www.sofiotheque.info
www-107-slidein.clickintext.net
3 ad.publicidees.com www-107.clickintext.net
3 cdnjs.cloudflare.com www.sofiotheque.info
3 www.sofiotheque.info 1 redirects www.sofiotheque.info
2 www.google-analytics.com www.sofiotheque.info
www.google-analytics.com
1 lb.apicit.net www.sofiotheque.info
1 fr.clickintext.net tags.clickintext.net
1 h.mrjaz.com www.sofiotheque.info
1 i.ibb.co www.sofiotheque.info
1 lh6.googleusercontent.com www.sofiotheque.info
54 14
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-11-18 -
2022-11-17		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
ibb.co
R3		 2021-10-06 -
2022-01-04		 3 months crt.sh
*.clickintext.net
R3		 2021-10-25 -
2022-01-23		 3 months crt.sh
h.mrjaz.com
R3		 2021-11-27 -
2022-02-25		 3 months crt.sh
rdc.apicit.net
R3		 2021-11-16 -
2022-02-14		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.sofiotheque.info/
Frame ID: 5D3C851A12DA9F8B6A3462916184011A
Requests: 46 HTTP requests in this frame

Frame: https://www-107.clickintext.net/print.php?c=CLAV3&tag=6679_1_-1_120x600_947&aid=2d5be92a45a27d2f970810b3f2c6a4d5&url=http%3A%2F%2Fwww-classic.clickintext.net%2Fc%2F%3Ft%3Dcla%26k%3D%253D%253DQOAAjAyEAKFY0Wi1QNC8UVoRgAURGA3M1ZRNTDgdwYQpTVxEQZBsWBH1FHcx0CDdVMFITAhdwYD4SAkxgIEk2A0AQQCIWAsVAMbhTDwIAMVlEBnRVYA0zUnFVMNUxB2AVNVJUAnFgYF4TXox1OLczV%252FUQMBU2B%26mobile%3D0%26m5%3D3113198212c2ab6f662ebf5e0c24ae7f%26go%3Dhttp%253A%252F%252Ficit.fr%252Fj%252F0%252FAU2d5be92a45a27d2f970810b3f2c6a4d5R1S155161W0I8E6679K1%252Fhttps%253A%252F%252FtrackiTnAg.ApAublSiVcSiSdeTes.ScoSmS%252Fclic.php%253Fpartid%253D8826%2526progid%253D7118%2526promoid%253D207060%2526cb%253D%2525CASHBACKDATA%2525%2526
Frame ID: B0FFFDFF3E1F7936511283E4AF79182A
Requests: 2 HTTP requests in this frame

Frame: https://www-107.clickintext.net/print.php?c=CLAV3&tag=6679_1_-1_120x600_947&aid=2d5be92a45a27d2f970810b3f2c6a4d5&url=http%3A%2F%2Fwww-classic.clickintext.net%2Fc%2F%3Ft%3Dcla%26k%3D%253D%253DwZeJDAlZlcfFEXmlgZRpBAtFwVBImBmJAPK8TAwc1YQFjXyIAZAAjXV8wGb1kCUAgNCQzBjVgYCwyAhlQeflzUq51QAUjV281NcxTCjFVZAwUAyEwZGwmA8oQPBU0V1A1aeFkAhBQOeR2DotVNK0GA7IANH0WB%26mobile%3D0%26m5%3D3113198212c2ab6f662ebf5e0c24ae7f%26go%3Dhttp%253A%252F%252Ficit.fr%252Fj%252F0%252FAU2d5be92a45a27d2f970810b3f2c6a4d5R1S155161W0I8E6679K1%252Fhttps%253A%252F%252FtSracAkiSngV.TpublAicideeSs.cAoAm%252Fclic.php%253Fpartid%253D8826%2526progid%253D7118%2526promoid%253D207060%2526cb%253D%2525CASHBACKDATA%2525%2526
Frame ID: 24C7E03A9829BB74F0BEA5059D5D3B68
Requests: 2 HTTP requests in this frame

Frame: https://www-107.clickintext.net/print.php?c=CLAV3&aid=2d5be92a45a27d2f970810b3f2c6a4d5&tag=6679_1_-1_300x250_076&logob=1&url=http%3A%2F%2Fwww-slidein.clickintext.net%2Fc%2F%3Ft%3Dsli%26k%3D4AAOLAGDgAAEUZmX0cQTR12UBkQbdBxVlFQTAEGV%252FJgOVNjB6EQYFwiA1cAdDsGUvN1FN0zDwUAbA4WUnZFZFYBA%252BsAMMoGAjRFOeR0BxEVPTtWCq1VYXNWA7AgZUVmA%26mobile%3D0%26m5%3D3113198212c2ab6f662ebf5e0c24ae7f%26go%3Dhttp%253A%252F%252Ficit.fr%252Fj%252F0%252FAU2d5be92a45a27d2f970810b3f2c6a4d5R1S152822W0I7E6679%252Fhttps%253A%252F%252FtrackSiSnAgS.SpuSblicAiVdees.Tcom%252Fclic.php%253Fpartid%253D8826%2526progid%253D7118%2526promoid%253D207063%2526cb%253D%2525CASHBACKDATA%2525%2526
Frame ID: 916554720D22F5B194B7FFDA4BCB527C
Requests: 2 HTTP requests in this frame

Frame: https://www-107.clickintext.net/footerexpand/pics/close.png
Frame ID: 50FB528E8603DBAFE578F94247CCD2D4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

✔ SofioThèQue

Page URL History Show full URLs

  1. http://www.sofiotheque.info/ HTTP 301
    https://www.sofiotheque.info/ Page URL

Page Statistics

54
Requests

94 %
HTTPS

42 %
IPv6

9
Domains

14
Subdomains

11
IPs

3
Countries

439 kB
Transfer

712 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.sofiotheque.info/ HTTP 301
    https://www.sofiotheque.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://tracking.publicidees.com/banner.php?partid=8826&progid=7118&promoid=207060 HTTP 302
  • https://tracking.publicidees.com/banner.php?partid=8826&progid=7118&promoid=207060 HTTP 302
  • https://tracking.publicidees.com/banner.php?partid=8826&progid=7118&promoid=207060 HTTP 302
  • https://ad.publicidees.com/promos/banners/4136/207060.jpg
Request Chain 42
  • https://tracking.publicidees.com/banner.php?partid=8826&progid=7118&promoid=207060 HTTP 302
  • https://tracking.publicidees.com/banner.php?partid=8826&progid=7118&promoid=207060 HTTP 302
  • https://ad.publicidees.com/promos/banners/4136/207060.jpg
Request Chain 43
  • https://tracking.publicidees.com/banner.php?partid=8826&progid=7118&promoid=207063 HTTP 302
  • https://ad.publicidees.com/promos/banners/4136/207063.jpg

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.sofiotheque.info/
Redirect Chain
  • http://www.sofiotheque.info/
  • https://www.sofiotheque.info/
148 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sofiotheque.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:960c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56abe3bd8bf6c8c35c350073bdb56dbb402e95c00d9ed5bf6840d3dc6bc04905
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 27 Nov 2021 21:50:23 GMT
content-type
text/html; charset=UTF-8
x-robots-tag
all,noodp
expires
Sat, 27 Nov 2021 21:50:23 GMT
cache-control
private, max-age=0
last-modified
Sat, 27 Nov 2021 12:44:28 GMT
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cf-cache-status
BYPASS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Jrwdbg4rhbeDUwkcb5CcFqtt9OVs5uWI7%2FcfsJQYRlTu0cOJl2DfQLdhCHBAa1s4uV0uSDRjo933qP13CZLiOlhM%2FcGSIaZglF1N%2BbUYCjFXN0c4ZgXfQDQsWCRNLXTeJAK9u9%2F%2Bu7cQZz%2FVo%2B6tKj1NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6b4e92618ecc3751-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Sat, 27 Nov 2021 21:50:22 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sat, 27 Nov 2021 22:50:22 GMT
Location
https://www.sofiotheque.info/
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEGuY9%2Bgwd36soUkXrr9s0z1tLSAG%2FdvRMKT1uw0tv%2FKTcayI49Hlz4%2BldiJJf23MsdRx2lvr9tH1FQR%2FQGpiqlPdZ44fVYvLJY6s%2Bywy4mXSqoFdWZ6aZlhu2%2B%2Bm9FPin9Av7ouKiMgAEK33HJ2IG4rMA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6b4e9260fbfd5a19-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
h1J-I8-PHW2hvXV90EuvsPmXbptNPPqXO7dFy1piKEO7HBc6I7ZjCPLlLc7yYe6BTVoDcgCSrpQp-9a5lERN0ytnjg
lh6.googleusercontent.com/proxy/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh6.googleusercontent.com/proxy/h1J-I8-PHW2hvXV90EuvsPmXbptNPPqXO7dFy1piKEO7HBc6I7ZjCPLlLc7yYe6BTVoDcgCSrpQp-9a5lERN0ytnjg
Requested by
Host: www.sofiotheque.info
URL: https://www.sofiotheque.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fbb5ce510cb80aa4e6026448e390ec27fdf49d2c55fa6d83ec92dc9c7f469bc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:23 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23521
x-xss-protection
0
expires
Sun, 28 Nov 2021 21:50:23 GMT
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-regular-400.woff2
Requested by
Host: www.sofiotheque.info
URL: https://www.sofiotheque.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6df2ce1dd3eb2bb0e0e5418aa6cdf26ff6cd382363f5d72b56d1befbec4131e5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sofiotheque.info/
Origin
https://www.sofiotheque.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
871814
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13548
timing-allow-origin
*
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-34ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fql78ajkxkeZO8rFOlCpxiwIJPOEHRCWPp907b6mLouhmm7xkaIb8Xy%2BdAbl0VyjmIDif1m6vxWWQ%2BPsEZuwyT1yT55rUqgKK6g7YLaR3glPRIUdCCshVvCSJw9S4zwc2bmxfywkIjdHtgugXTHNsmgK"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b4e9263cc664e44-FRA
expires
Thu, 17 Nov 2022 21:50:23 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2
Requested by
Host: www.sofiotheque.info
URL: https://www.sofiotheque.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sofiotheque.info/
Origin
https://www.sofiotheque.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
439775
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
80300
timing-allow-origin
*
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-139ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4sdGG4hlkRb0Sg1jA6KoTHAOjxFy2f3uACSA9KYFTOg70Mm7QLo32tPEney%2BFKthgJN56ShgtSCwQJUbw2Gl0bxBh0JDPZOWGCRpOfxbOnB7nVWGOUanpqXdxpNS%2FQ%2F8G0uGeYyysWRU7jvB0rGUzqF"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b4e9263cc684e44-FRA
expires
Thu, 17 Nov 2022 21:50:23 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-brands-400.woff2
Requested by
Host: www.sofiotheque.info
URL: https://www.sofiotheque.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7e82d9e917c569248435f4fc04d5d05b755a84ab795adcf89efe9783091b5f7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sofiotheque.info/
Origin
https://www.sofiotheque.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1915055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
78460
timing-allow-origin
*
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-1327c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2Fe%2FqYcWY5ttNm57hBZ%2F3Va2CPpLcLFe%2ByvwGMFjXdF2%2FlZtWrZd%2FlEYT6CIl4Be7Q0Ll53PJtEpXOt%2BbkuCLvA4EQS8Mr3fFHu5U%2BFwYuFgh6wRyeHiGY6r53CWEf2a1z1kS7HcKEpSaii%2B8Ee3m3iR"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b4e9263cc694e44-FRA
expires
Thu, 17 Nov 2022 21:50:23 GMT
Sofiotheque-footer-min.png
i.ibb.co/PjQC4mt/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/PjQC4mt/Sofiotheque-footer-min.png
Requested by
Host: www.sofiotheque.info
URL: https://www.sofiotheque.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.99.191 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3198505.ip-141-94-99.eu
Software
nginx /
Resource Hash
19c960fe6934ab843b51147167c86018eae23b7a912f49f387379a19278e849e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:23 GMT
last-modified
Sun, 31 Oct 2021 22:51:12 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
3421
expires
Thu, 31 Dec 2037 23:55:55 GMT
rocket-loader.min.js
www.sofiotheque.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sofiotheque.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.sofiotheque.info
URL: https://www.sofiotheque.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:960c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 22 Nov 2021 17:32:49 GMT
server
cloudflare
etag
W/"619bd441-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ux8%2FosxlP4HtVMDScByLlUjPKkK2igxqkhjgUlDEhezBLnQMbU0z%2BXAknpwWtxabLMbdMX0VIRdspLGwXUCpX9tte0posiwcdeh77TIO9E1WWT6mvDL8534dyfduCh9ji75t5s9%2B6JVZcpBKXuvLgLS8rA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b4e9263fc973751-MXP
vary
Accept-Encoding
expires
Mon, 29 Nov 2021 21:50:23 GMT
UHlISGNHP9Tbp
tags.clickintext.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.clickintext.net/UHlISGNHP9Tbp
Requested by
Host: www.sofiotheque.info
URL: https://www.sofiotheque.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.80.200.209 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
0db56bb089ca4e7286e1987b8eac047a1dc2531e35d86566bf8caf106cf1c806

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 21:50:23 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=ISO-8859-1
expires
Thu, 19 Nov 1981 08:52:00 GMT
JDvJOGOnQ3GVU
tags.clickintext.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.clickintext.net/JDvJOGOnQ3GVU
Requested by
Host: www.sofiotheque.info
URL: https://www.sofiotheque.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.80.200.209 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
6d3874670c22bcb864a0e198e87b4a60a76d0662018ddd88eaea7de4255c0126

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 21:50:23 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
application/x-javascript;charset=ISO-8859-1
expires
Thu, 19 Nov 1981 08:52:00 GMT
JMJCSp6XjSTww
tags.clickintext.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.clickintext.net/JMJCSp6XjSTww
Requested by
Host: www.sofiotheque.info
URL: https://www.sofiotheque.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.80.200.209 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
c424563aaf51a873efa3f2562afb67a6b1f7f90bdf4af73c6e315c8bcac3db6f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 21:50:23 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
application/x-javascript;charset=ISO-8859-1
expires
Thu, 19 Nov 1981 08:52:00 GMT
bh.js
h.mrjaz.com/ 		354 B
608 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.mrjaz.com/bh.js
Requested by
Host: www.sofiotheque.info
URL: https://www.sofiotheque.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
e2afc3ce7562b196741e5100b8e52d0fbc8327c8bf072fd3e105f7a181037046

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-fastly-request-id
6e121bcd33887cc84d0074abb6e228c16fa1e98d
date
Sat, 27 Nov 2021 21:50:23 GMT
content-encoding
gzip
age
0
x-cache
MISS
content-length
207
x-served-by
cache-mxp6940-MXP
access-control-allow-origin
*
last-modified
Sat, 27 Nov 2021 17:09:05 GMT
server
GitHub.com
x-github-request-id
938E:30B5:196DEE5:1A2323D:61A2A466
x-timer
S1638049823.455748,VS0,VE396
etag
W/"61a26631-162"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Sat, 27 Nov 2021 21:44:31 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
cit.kelkoo.utf8.js
fr.clickintext.net/js.min/ 		39 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fr.clickintext.net/js.min/cit.kelkoo.utf8.js?4
Requested by
Host: tags.clickintext.net
URL: https://tags.clickintext.net/JMJCSp6XjSTww
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.98.175.165 , France, ASN16276 (OVH, FR),
Reverse DNS
ovh84.clickintext.com
Software
Apache/2.4.25 (Debian) PHP/5.6.33-0+deb8u1 OpenSSL/1.0.2u /
Resource Hash
15f5898049642c2886773efc4777c6d6c920b1362451fa2eae24f1f600c0fe07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 21:50:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Nov 2020 08:24:08 GMT
Server
Apache/2.4.25 (Debian) PHP/5.6.33-0+deb8u1 OpenSSL/1.0.2u
ETag
"9b3a-5b44937f91e19-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
close
Accept-Ranges
bytes
Content-Length
8616
loader.v8.php
lb.apicit.net/ 		118 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lb.apicit.net/loader.v8.php?apicitDatas=1%2Ffex%2Fcit14817&RK=CIT&call=document.onapicitCall&jQ=
Requested by
Host: www.sofiotheque.info
URL: https://www.sofiotheque.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.80.200.208 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
d4c6b55667297e8edac11e0eabe4d934fab7e1f29da722ce52d0ea24eaf762d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 21:50:23 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
application/javascript
expires
Thu, 19 Nov 1981 08:52:00 GMT
exec.dev.php
www-107-slidein.clickintext.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www-107-slidein.clickintext.net/exec.dev.php?a=14817&zk=JDvJOGOnQ3GVU&apicitIdPAPXTime=2d5be92a45a27d2f970810b3f2c6a4d5&apicitIdPAPXTimeMore=sw%5B0%5D&cithref=&if=0&mobile=0
Requested by
Host: tags.clickintext.net
URL: https://tags.clickintext.net/JDvJOGOnQ3GVU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
f77718b313928bf3139abae493a1ee61297f4ceed555261e8828d58b74ee39db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
application/x-javascript;charset=ISO-8859-1
expires
Thu, 19 Nov 1981 08:52:00 GMT
UHlISGNHP9Tbp
tags.clickintext.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.clickintext.net/UHlISGNHP9Tbp
Requested by
Host: www.sofiotheque.info
URL: https://www.sofiotheque.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.80.200.209 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
938970fe5ccb36ba93471f05522b6edeedf01c86b7b8e9e4378319e496f2581d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 21:50:23 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=ISO-8859-1
expires
Thu, 19 Nov 1981 08:52:00 GMT
tlbg.png
www-107.clickintext.net/pics/popup2/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www-107.clickintext.net/pics/popup2/tlbg.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
5b044da2ee5e03630be938d164048e61909d3cf278ab99f64850960d04d4c401

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44d747fc-768"
content-type
image/png
cache-control
max-age=86400, public
expires
Sun, 28 Nov 2021 21:50:24 GMT
tlbg.gif
www-107.clickintext.net/pics/popup2/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www-107.clickintext.net/pics/popup2/tlbg.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
af280540748b813660bb00c52e036a1fcb6eb103297f4a4909b6a0dec0ccdbf8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44d86967-82f"
content-type
image/gif
cache-control
max-age=86400, public
expires
Sun, 28 Nov 2021 21:50:24 GMT
top.png
www-107.clickintext.net/pics/popup2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www-107.clickintext.net/pics/popup2/top.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
c0503fe1e364f1a65410f9bf0c2f1025545aea8d9b7bd55a05666125bfc7a2ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44d86fd8-10a7"
content-type
image/png
cache-control
max-age=86400, public
expires
Sun, 28 Nov 2021 21:50:24 GMT
top.gif
www-107.clickintext.net/pics/popup2/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www-107.clickintext.net/pics/popup2/top.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
4b58f65e12c30fdc3b7f98b00ddc9cf5bcf9778d1c704290e0f1cca3fe415b07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44d86fe3-ded"
content-type
image/gif
cache-control
max-age=86400, public
expires
Sun, 28 Nov 2021 21:50:24 GMT
lp_fr.png
www-107.clickintext.net/pics/popup2/ 		700 B
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www-107.clickintext.net/pics/popup2/lp_fr.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
534fb582cc79e810a007e0a977cc03d9a1ea5734c0b046cac4848f5960d1f076

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44d74ecd-2bc"
content-type
image/png
cache-control
max-age=86400, public
expires
Sun, 28 Nov 2021 21:50:24 GMT
lp_fr.gif
www-107.clickintext.net/pics/popup2/ 		457 B
646 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www-107.clickintext.net/pics/popup2/lp_fr.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
73e382e51b5fe78808d121f578ffaa88495fc5419bc8f8860921fd7fc65b2896

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44d86966-1c9"
content-type
image/gif
cache-control
max-age=86400, public
expires
Sun, 28 Nov 2021 21:50:24 GMT
middle.png
www-107.clickintext.net/pics/popup2/ 		217 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www-107.clickintext.net/pics/popup2/middle.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
67bc765c14cf076eb439695c5011509016c2599d122e4148fc217b7be8473ec9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44d747fb-d9"
content-type
image/png
cache-control
max-age=86400, public
expires
Sun, 28 Nov 2021 21:50:24 GMT
middle.gif
www-107.clickintext.net/pics/popup2/ 		118 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www-107.clickintext.net/pics/popup2/middle.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
30d9d4335d8163587826036668007afa2bf5ffc5945b840257e0db8e91c7aed7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44d86966-76"
content-type
image/gif
cache-control
max-age=86400, public
expires
Sun, 28 Nov 2021 21:50:24 GMT
b1.png
www-107.clickintext.net/pics/popup2/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www-107.clickintext.net/pics/popup2/b1.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
72b302627aae6fe8cdd9fc0163d7b2d1c6747fe78fc757c6382af17e96fc9b77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44d747fa-981"
content-type
image/png
cache-control
max-age=86400, public
expires
Sun, 28 Nov 2021 21:50:24 GMT
b1.gif
www-107.clickintext.net/pics/popup2/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www-107.clickintext.net/pics/popup2/b1.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
0ff16e8c299415bbcf4688c823c54b2a4830a3bd9e13db2032d07b491a0aa996

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44d86965-ba5"
content-type
image/gif
cache-control
max-age=86400, public
expires
Sun, 28 Nov 2021 21:50:24 GMT
bm.png
www-107.clickintext.net/pics/popup2/ 		572 B
795 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www-107.clickintext.net/pics/popup2/bm.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
ab4f55734b49c8ce0b62d2e60db98d6dc7789e279d24908300849168476898b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44d75164-23c"
content-type
image/png
cache-control
max-age=86400, public
expires
Sun, 28 Nov 2021 21:50:24 GMT
bm.gif
www-107.clickintext.net/pics/popup2/ 		117 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www-107.clickintext.net/pics/popup2/bm.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
ae0b32249482106b27c068ee833c43363c6912b3b39eaa4b73fae2a8757ec4c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44d86966-75"
content-type
image/gif
cache-control
max-age=86400, public
expires
Sun, 28 Nov 2021 21:50:24 GMT
b2.png
www-107.clickintext.net/pics/popup2/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www-107.clickintext.net/pics/popup2/b2.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
1997af623fc17024ab22b7fda699b0cd59eb76f38c921e9c13c9e16cea52bdbc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44d747fb-5eb"
content-type
image/png
cache-control
max-age=86400, public
expires
Sun, 28 Nov 2021 21:50:24 GMT
b2.gif
www-107.clickintext.net/pics/popup2/ 		673 B
898 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www-107.clickintext.net/pics/popup2/b2.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
2d64747c13a3176e09be77ce03050a0d0e2ae33c8813cbf4d945efcdd2c5ad93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44d86965-2a1"
content-type
image/gif
cache-control
max-age=86400, public
expires
Sun, 28 Nov 2021 21:50:24 GMT
content.php
www-107-classic.clickintext.net/execs/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www-107-classic.clickintext.net/execs/content.php?v=1.0&a=14817&f=120x600&zk=UHlISGNHP9Tbp&ccn=0&frameId=frameCIT81d98287e65295b6276b89b719776797i&apicitIdPAPXTime=2d5be92a45a27d2f970810b3f2c6a4d5&apicitIdPAPXTimeMore=sw%5B0%5D&top=https%3A//www.sofiotheque.info/&pAv=1&mobile=0
Requested by
Host: tags.clickintext.net
URL: https://tags.clickintext.net/UHlISGNHP9Tbp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
796ac73e66893cb362483affbeaf8277b277e7104926223bdc1019b2c3dbdb9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/html; charset=ISO-8859-1
expires
Thu, 19 Nov 1981 08:52:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.sofiotheque.info
URL: https://www.sofiotheque.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2957
date
Sat, 27 Nov 2021 21:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 27 Nov 2021 23:01:07 GMT
/
tags.clickintext.net/takeasafe/ 		2 B
244 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.clickintext.net/takeasafe/?t=1638049823&k=17b400&h=www.sofiotheque.info&
Requested by
Host: lb.apicit.net
URL: https://lb.apicit.net/loader.v8.php?apicitDatas=1%2Ffex%2Fcit14817&RK=CIT&call=document.onapicitCall&jQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.80.200.209 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
0889a34434e586e918436027c4e8b4c3380f84643731bdeb57024adb8745cf53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/html; charset=ISO-8859-1
expires
Thu, 19 Nov 1981 08:52:00 GMT
cit.php
www-107.clickintext.net/execs/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www-107.clickintext.net/execs/cit.php?a=14817&zk=JMJCSp6XjSTww&21x50x24&v3plus=&apicitIdPAPXTime=2d5be92a45a27d2f970810b3f2c6a4d5&apicitIdPAPXTimeMore=sw%5B0%5D&rEfFir=https%3A%2F%2Fwww.sofiotheque.info%2F
Requested by
Host: tags.clickintext.net
URL: https://tags.clickintext.net/JMJCSp6XjSTww
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
f998709f2eca050248aac25460735982b896f25131be0c615b00f253854310c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
application/x-javascript;charset=ISO-8859-1
expires
Thu, 19 Nov 1981 08:52:00 GMT
content.php
www-107-classic.clickintext.net/execs/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www-107-classic.clickintext.net/execs/content.php?v=1.0&a=14817&f=120x600&zk=UHlISGNHP9Tbp&ccn=1&frameId=frameCIT2b7c6bb8e705c3e9e5d99193d3b69a99i&apicitIdPAPXTime=2d5be92a45a27d2f970810b3f2c6a4d5&apicitIdPAPXTimeMore=sw%5B0%5D&top=https%3A//www.sofiotheque.info/&pAv=1&mobile=0
Requested by
Host: tags.clickintext.net
URL: https://tags.clickintext.net/UHlISGNHP9Tbp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
70b54a5ce12f376dbb3c16c29975f4dcfe580f55149f7605d1fb56c9bcf09da0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/html; charset=ISO-8859-1
expires
Thu, 19 Nov 1981 08:52:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1928206831&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sofiotheque.info%2F&ul=en-us&de=UTF-8&dt=%E2%9C%94%20SofioTh%C3%A8Que&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=788523922&gjid=1873695079&cid=410838064.1638049824&tid=UA-119672153-4&_gid=489264160.1638049824&_r=1&_slc=1&z=2045214261
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sofiotheque.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 21:50:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sofiotheque.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
print.php
www-107.clickintext.net/ Frame B0FF 		805 B
833 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www-107.clickintext.net/print.php?c=CLAV3&tag=6679_1_-1_120x600_947&aid=2d5be92a45a27d2f970810b3f2c6a4d5&url=http%3A%2F%2Fwww-classic.clickintext.net%2Fc%2F%3Ft%3Dcla%26k%3D%253D%253DQOAAjAyEAKFY0Wi1QNC8UVoRgAURGA3M1ZRNTDgdwYQpTVxEQZBsWBH1FHcx0CDdVMFITAhdwYD4SAkxgIEk2A0AQQCIWAsVAMbhTDwIAMVlEBnRVYA0zUnFVMNUxB2AVNVJUAnFgYF4TXox1OLczV%252FUQMBU2B%26mobile%3D0%26m5%3D3113198212c2ab6f662ebf5e0c24ae7f%26go%3Dhttp%253A%252F%252Ficit.fr%252Fj%252F0%252FAU2d5be92a45a27d2f970810b3f2c6a4d5R1S155161W0I8E6679K1%252Fhttps%253A%252F%252FtrackiTnAg.ApAublSiVcSiSdeTes.ScoSmS%252Fclic.php%253Fpartid%253D8826%2526progid%253D7118%2526promoid%253D207060%2526cb%253D%2525CASHBACKDATA%2525%2526
Requested by
Host: www-107-classic.clickintext.net
URL: https://www-107-classic.clickintext.net/execs/content.php?v=1.0&a=14817&f=120x600&zk=UHlISGNHP9Tbp&ccn=1&frameId=frameCIT2b7c6bb8e705c3e9e5d99193d3b69a99i&apicitIdPAPXTime=2d5be92a45a27d2f970810b3f2c6a4d5&apicitIdPAPXTimeMore=sw%5B0%5D&top=https%3A//www.sofiotheque.info/&pAv=1&mobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
34785b08a58f23b791197408c9c85206c75b79bb55f285cd2d53ad62f65c0f41

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/

Response headers

server
nginx
date
Sat, 27 Nov 2021 21:50:24 GMT
content-type
text/html; charset=ISO-8859-1
p3p
CP="CUR ADM OUR NOR STA NID"
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
content-encoding
gzip
print.php
www-107.clickintext.net/ Frame 24C7 		800 B
826 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www-107.clickintext.net/print.php?c=CLAV3&tag=6679_1_-1_120x600_947&aid=2d5be92a45a27d2f970810b3f2c6a4d5&url=http%3A%2F%2Fwww-classic.clickintext.net%2Fc%2F%3Ft%3Dcla%26k%3D%253D%253DwZeJDAlZlcfFEXmlgZRpBAtFwVBImBmJAPK8TAwc1YQFjXyIAZAAjXV8wGb1kCUAgNCQzBjVgYCwyAhlQeflzUq51QAUjV281NcxTCjFVZAwUAyEwZGwmA8oQPBU0V1A1aeFkAhBQOeR2DotVNK0GA7IANH0WB%26mobile%3D0%26m5%3D3113198212c2ab6f662ebf5e0c24ae7f%26go%3Dhttp%253A%252F%252Ficit.fr%252Fj%252F0%252FAU2d5be92a45a27d2f970810b3f2c6a4d5R1S155161W0I8E6679K1%252Fhttps%253A%252F%252FtSracAkiSngV.TpublAicideeSs.cAoAm%252Fclic.php%253Fpartid%253D8826%2526progid%253D7118%2526promoid%253D207060%2526cb%253D%2525CASHBACKDATA%2525%2526
Requested by
Host: www-107-classic.clickintext.net
URL: https://www-107-classic.clickintext.net/execs/content.php?v=1.0&a=14817&f=120x600&zk=UHlISGNHP9Tbp&ccn=0&frameId=frameCIT81d98287e65295b6276b89b719776797i&apicitIdPAPXTime=2d5be92a45a27d2f970810b3f2c6a4d5&apicitIdPAPXTimeMore=sw%5B0%5D&top=https%3A//www.sofiotheque.info/&pAv=1&mobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
787890ebbce44d6769e766295378c6d564c35014467d008571b0f5e4df07d6c6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/

Response headers

server
nginx
date
Sat, 27 Nov 2021 21:50:24 GMT
content-type
text/html; charset=ISO-8859-1
p3p
CP="CUR ADM OUR NOR STA NID"
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
content-encoding
gzip
advertisers.php
www-107.clickintext.net/ 		37 B
209 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www-107.clickintext.net/advertisers.php
Requested by
Host: www-107-classic.clickintext.net
URL: https://www-107-classic.clickintext.net/execs/content.php?v=1.0&a=14817&f=120x600&zk=UHlISGNHP9Tbp&ccn=0&frameId=frameCIT81d98287e65295b6276b89b719776797i&apicitIdPAPXTime=2d5be92a45a27d2f970810b3f2c6a4d5&apicitIdPAPXTimeMore=sw%5B0%5D&top=https%3A//www.sofiotheque.info/&pAv=1&mobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
9388ae93a170ff323c1a38816f98f7cc7d4ebbcf0d70fdf3079aa1f40ba3f148

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 21:50:24 GMT
cache-control
no-cache
content-type
text/html; charset=ISO-8859-1
server
nginx
content-encoding
gzip
expires
Fri, 01 Jan 2010 05:00:00 GMT
starwhite.png
www-107-slidein.clickintext.net/pics/ 		696 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www-107-slidein.clickintext.net/pics/starwhite.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
ae785567daf29378edcd510a5cdd412a4e72e2e821e78143a93a2446c45e1842

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"53b3f3b9-2b8"
content-type
image/png
cache-control
max-age=86400, public
expires
Sun, 28 Nov 2021 21:50:24 GMT
print.php
www-107.clickintext.net/ Frame 9165 		766 B
801 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www-107.clickintext.net/print.php?c=CLAV3&aid=2d5be92a45a27d2f970810b3f2c6a4d5&tag=6679_1_-1_300x250_076&logob=1&url=http%3A%2F%2Fwww-slidein.clickintext.net%2Fc%2F%3Ft%3Dsli%26k%3D4AAOLAGDgAAEUZmX0cQTR12UBkQbdBxVlFQTAEGV%252FJgOVNjB6EQYFwiA1cAdDsGUvN1FN0zDwUAbA4WUnZFZFYBA%252BsAMMoGAjRFOeR0BxEVPTtWCq1VYXNWA7AgZUVmA%26mobile%3D0%26m5%3D3113198212c2ab6f662ebf5e0c24ae7f%26go%3Dhttp%253A%252F%252Ficit.fr%252Fj%252F0%252FAU2d5be92a45a27d2f970810b3f2c6a4d5R1S152822W0I7E6679%252Fhttps%253A%252F%252FtrackSiSnAgS.SpuSblicAiVdees.Tcom%252Fclic.php%253Fpartid%253D8826%2526progid%253D7118%2526promoid%253D207063%2526cb%253D%2525CASHBACKDATA%2525%2526
Requested by
Host: www-107-slidein.clickintext.net
URL: https://www-107-slidein.clickintext.net/exec.dev.php?a=14817&zk=JDvJOGOnQ3GVU&apicitIdPAPXTime=2d5be92a45a27d2f970810b3f2c6a4d5&apicitIdPAPXTimeMore=sw%5B0%5D&cithref=&if=0&mobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
4f8a956ad1a7d89ba7d426ef10da353b1f5d38e57cdd3de09b7d171f01a7e32f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/

Response headers

server
nginx
date
Sat, 27 Nov 2021 21:50:24 GMT
content-type
text/html; charset=ISO-8859-1
p3p
CP="CUR ADM OUR NOR STA NID"
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
content-encoding
gzip
close.png
www-107.clickintext.net/footerexpand/pics/ Frame 50FB 		785 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www-107.clickintext.net/footerexpand/pics/close.png
Requested by
Host: www.sofiotheque.info
URL: https://www.sofiotheque.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
e80e7ae68127794396f3ee42b263f88ba8aaa64bd1ea387f24b4c6cbad3d2a5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"53a1aee9-311"
content-type
image/png
cache-control
max-age=86400, public
expires
Sun, 28 Nov 2021 21:50:24 GMT
tinylogowhite.CIT.png
www-107-slidein.clickintext.net/pics/ Frame 50FB 		868 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www-107-slidein.clickintext.net/pics/tinylogowhite.CIT.png
Requested by
Host: www.sofiotheque.info
URL: https://www.sofiotheque.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
b050531f0b19ed406cec9cfbc58d72a4b4dd9185a66c6ed68107bfb8f15bb202

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"54ea171e-364"
content-type
image/png
cache-control
max-age=86400, public
expires
Sun, 28 Nov 2021 21:50:24 GMT
207060.jpg
ad.publicidees.com/promos/banners/4136/ Frame B0FF
Redirect Chain
  • https://tracking.publicidees.com/banner.php?partid=8826&progid=7118&promoid=207060
  • https://tracking.publicidees.com/banner.php?partid=8826&progid=7118&promoid=207060
  • https://tracking.publicidees.com/banner.php?partid=8826&progid=7118&promoid=207060
  • https://ad.publicidees.com/promos/banners/4136/207060.jpg
30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.publicidees.com/promos/banners/4136/207060.jpg
Requested by
Host: www-107.clickintext.net
URL: https://www-107.clickintext.net/print.php?c=CLAV3&tag=6679_1_-1_120x600_947&aid=2d5be92a45a27d2f970810b3f2c6a4d5&url=http%3A%2F%2Fwww-classic.clickintext.net%2Fc%2F%3Ft%3Dcla%26k%3D%253D%253DQOAAjAyEAKFY0Wi1QNC8UVoRgAURGA3M1ZRNTDgdwYQpTVxEQZBsWBH1FHcx0CDdVMFITAhdwYD4SAkxgIEk2A0AQQCIWAsVAMbhTDwIAMVlEBnRVYA0zUnFVMNUxB2AVNVJUAnFgYF4TXox1OLczV%252FUQMBU2B%26mobile%3D0%26m5%3D3113198212c2ab6f662ebf5e0c24ae7f%26go%3Dhttp%253A%252F%252Ficit.fr%252Fj%252F0%252FAU2d5be92a45a27d2f970810b3f2c6a4d5R1S155161W0I8E6679K1%252Fhttps%253A%252F%252FtrackiTnAg.ApAublSiVcSiSdeTes.ScoSmS%252Fclic.php%253Fpartid%253D8826%2526progid%253D7118%2526promoid%253D207060%2526cb%253D%2525CASHBACKDATA%2525%2526
Protocol
H2
Server
89.185.38.100 Montmagny, France, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
8b3be48f231e71fb4c228a2c1f7677cf10545c29aca91b07c9c6160408e2d0da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www-107.clickintext.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:24 GMT
last-modified
Fri, 02 Aug 2019 13:05:55 GMT
server
nginx
etag
"5d443533-77f1"
content-type
image/jpeg
expires
Sat, 27 Nov 2021 21:55:24 GMT
cache-control
max-age=300
accept-ranges
bytes
content-length
30705
x-proxy-cache
HIT

Redirect headers

Pragma
no-cache
Date
Sat, 27 Nov 2021 21:50:24 GMT
Last-Modified
Sat, 27 Nov 2021 21:50:24 GMT
Server
nginx/1.14.0
Transfer-Encoding
chunked
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
https://ad.publicidees.com/promos/banners/4136/207060.jpg
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Expires
0
207060.jpg
ad.publicidees.com/promos/banners/4136/ Frame 24C7
Redirect Chain
  • https://tracking.publicidees.com/banner.php?partid=8826&progid=7118&promoid=207060
  • https://tracking.publicidees.com/banner.php?partid=8826&progid=7118&promoid=207060
  • https://ad.publicidees.com/promos/banners/4136/207060.jpg
30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.publicidees.com/promos/banners/4136/207060.jpg
Requested by
Host: www-107.clickintext.net
URL: https://www-107.clickintext.net/print.php?c=CLAV3&tag=6679_1_-1_120x600_947&aid=2d5be92a45a27d2f970810b3f2c6a4d5&url=http%3A%2F%2Fwww-classic.clickintext.net%2Fc%2F%3Ft%3Dcla%26k%3D%253D%253DwZeJDAlZlcfFEXmlgZRpBAtFwVBImBmJAPK8TAwc1YQFjXyIAZAAjXV8wGb1kCUAgNCQzBjVgYCwyAhlQeflzUq51QAUjV281NcxTCjFVZAwUAyEwZGwmA8oQPBU0V1A1aeFkAhBQOeR2DotVNK0GA7IANH0WB%26mobile%3D0%26m5%3D3113198212c2ab6f662ebf5e0c24ae7f%26go%3Dhttp%253A%252F%252Ficit.fr%252Fj%252F0%252FAU2d5be92a45a27d2f970810b3f2c6a4d5R1S155161W0I8E6679K1%252Fhttps%253A%252F%252FtSracAkiSngV.TpublAicideeSs.cAoAm%252Fclic.php%253Fpartid%253D8826%2526progid%253D7118%2526promoid%253D207060%2526cb%253D%2525CASHBACKDATA%2525%2526
Protocol
H2
Server
89.185.38.100 Montmagny, France, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
8b3be48f231e71fb4c228a2c1f7677cf10545c29aca91b07c9c6160408e2d0da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www-107.clickintext.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:24 GMT
last-modified
Fri, 02 Aug 2019 13:05:55 GMT
server
nginx
etag
"5d443533-77f1"
content-type
image/jpeg
expires
Sat, 27 Nov 2021 21:55:24 GMT
cache-control
max-age=300
accept-ranges
bytes
content-length
30705
x-proxy-cache
MISS

Redirect headers

Pragma
no-cache
Date
Sat, 27 Nov 2021 21:50:24 GMT
Last-Modified
Sat, 27 Nov 2021 21:50:24 GMT
Server
nginx/1.14.0
Transfer-Encoding
chunked
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
https://ad.publicidees.com/promos/banners/4136/207060.jpg
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Expires
0
207063.jpg
ad.publicidees.com/promos/banners/4136/ Frame 9165
Redirect Chain
  • https://tracking.publicidees.com/banner.php?partid=8826&progid=7118&promoid=207063
  • https://ad.publicidees.com/promos/banners/4136/207063.jpg
33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.publicidees.com/promos/banners/4136/207063.jpg
Requested by
Host: www-107.clickintext.net
URL: https://www-107.clickintext.net/print.php?c=CLAV3&aid=2d5be92a45a27d2f970810b3f2c6a4d5&tag=6679_1_-1_300x250_076&logob=1&url=http%3A%2F%2Fwww-slidein.clickintext.net%2Fc%2F%3Ft%3Dsli%26k%3D4AAOLAGDgAAEUZmX0cQTR12UBkQbdBxVlFQTAEGV%252FJgOVNjB6EQYFwiA1cAdDsGUvN1FN0zDwUAbA4WUnZFZFYBA%252BsAMMoGAjRFOeR0BxEVPTtWCq1VYXNWA7AgZUVmA%26mobile%3D0%26m5%3D3113198212c2ab6f662ebf5e0c24ae7f%26go%3Dhttp%253A%252F%252Ficit.fr%252Fj%252F0%252FAU2d5be92a45a27d2f970810b3f2c6a4d5R1S152822W0I7E6679%252Fhttps%253A%252F%252FtrackSiSnAgS.SpuSblicAiVdees.Tcom%252Fclic.php%253Fpartid%253D8826%2526progid%253D7118%2526promoid%253D207063%2526cb%253D%2525CASHBACKDATA%2525%2526
Protocol
H2
Server
89.185.38.100 Montmagny, France, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
e57ba246451bf35125df3ccc0f1e03b7ccbb1fd642eca2b256dc65e1d51f7b8b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www-107.clickintext.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:24 GMT
last-modified
Fri, 02 Aug 2019 13:06:14 GMT
server
nginx
etag
"5d443546-8254"
content-type
image/jpeg
expires
Sat, 27 Nov 2021 21:55:24 GMT
cache-control
max-age=300
accept-ranges
bytes
content-length
33364
x-proxy-cache
HIT

Redirect headers

Pragma
no-cache
Date
Sat, 27 Nov 2021 21:50:24 GMT
Last-Modified
Sat, 27 Nov 2021 21:50:24 GMT
Server
nginx/1.14.0
Transfer-Encoding
chunked
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
https://ad.publicidees.com/promos/banners/4136/207063.jpg
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Expires
0
displayed.php
www-107-classic.clickintext.net/ 		1 B
243 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www-107-classic.clickintext.net/displayed.php?i=ec6c739a8cf26af7e3312c971cc08190&s=0%2C3%2C0%2CfirstSeen%2C100&d=AU2d5be92a45a27d2f970810b3f2c6a4d5R1S155161W0I8E6679K1
Requested by
Host: lb.apicit.net
URL: https://lb.apicit.net/loader.v8.php?apicitDatas=1%2Ffex%2Fcit14817&RK=CIT&call=document.onapicitCall&jQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/html; charset=ISO-8859-1
expires
Thu, 19 Nov 1981 08:52:00 GMT
displayed.php
www-107-classic.clickintext.net/ 		1 B
243 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www-107-classic.clickintext.net/displayed.php?i=ec6c739a8cf26af7e3312c971cc08190&s=0%2C3%2C1%2CfirstSeen%2C98&d=AU2d5be92a45a27d2f970810b3f2c6a4d5R1S155161W0I8E6679K1
Requested by
Host: lb.apicit.net
URL: https://lb.apicit.net/loader.v8.php?apicitDatas=1%2Ffex%2Fcit14817&RK=CIT&call=document.onapicitCall&jQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/html; charset=ISO-8859-1
expires
Thu, 19 Nov 1981 08:52:00 GMT
displayed.php
www-107-classic.clickintext.net/ 		1 B
243 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www-107-classic.clickintext.net/displayed.php?i=ec6c739a8cf26af7e3312c971cc08190&s=0%2C3%2C0%2Cloading%2C0&d=
Requested by
Host: lb.apicit.net
URL: https://lb.apicit.net/loader.v8.php?apicitDatas=1%2Ffex%2Fcit14817&RK=CIT&call=document.onapicitCall&jQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/html; charset=ISO-8859-1
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
www-107-slidein.clickintext.net/a/ 		7 B
258 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www-107-slidein.clickintext.net/a/?n=1&k=4AAOLAGDgAAEUZmX0cQTR12UBkQbdBxVlFQTAEGV%2FJgOVNjB6EQYFwiA1cAdDsGUvN1FN0zDwUAbA4WUnZFZFYBA%2BsAMMoGAjRFOeR0BxEVPTtWCq1VYXNWA7AgZUVmA&m5=3113198212c2ab6f662ebf5e0c24ae7f&cbdata=AU2d5be92a45a27d2f970810b3f2c6a4d5R1S152822W0I7&annonces=AE6679&0.035971888109823213
Requested by
Host: www-107-slidein.clickintext.net
URL: https://www-107-slidein.clickintext.net/exec.dev.php?a=14817&zk=JDvJOGOnQ3GVU&apicitIdPAPXTime=2d5be92a45a27d2f970810b3f2c6a4d5&apicitIdPAPXTimeMore=sw%5B0%5D&cithref=&if=0&mobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
e98b26196047337a19e6ef6d13f48dc5f54f6f442c23fc164dac5e03ed2208c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
application/x-javascript;charset=ISO-8859-1
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
tags.clickintext.net/takealook/ 		47 B
157 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.clickintext.net/takealook/?t=1638049823&k=17b400&0_an=1&0_cbd=AU2d5be92a45a27d2f970810b3f2c6a4d5R1S155161W0I8E6679K1&0_ty=8&0_be=100&0_max=503&0_del=500&1_an=1&1_cbd=AU2d5be92a45a27d2f970810b3f2c6a4d5R1S155161W0I8E6679K1&1_ty=8&1_be=98&1_max=503&1_del=500&2_an=1&2_cbd=AU2d5be92a45a27d2f970810b3f2c6a4d5R1S152822W0I7E6679&2_ty=7&2_be=581&ast=153427_152822_155161_155161&twr=none
Requested by
Host: lb.apicit.net
URL: https://lb.apicit.net/loader.v8.php?apicitDatas=1%2Ffex%2Fcit14817&RK=CIT&call=document.onapicitCall&jQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.80.200.209 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
d062b94df598161f031c7c9ad243fc41d9fafc648df78610457b7a92e226c0a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:24 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=ISO-8859-1
/
tags.clickintext.net/takealook/ 		47 B
157 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.clickintext.net/takealook/?t=1638049823&k=17b400&0_an=1&0_cbd=AU2d5be92a45a27d2f970810b3f2c6a4d5R1S155161W0I8E6679K1&0_ty=8&0_be=100&0_max=1502&0_del=1500&1_an=1&1_cbd=AU2d5be92a45a27d2f970810b3f2c6a4d5R1S155161W0I8E6679K1&1_ty=8&1_be=98&1_max=1502&1_del=1500&2_an=1&2_cbd=AU2d5be92a45a27d2f970810b3f2c6a4d5R1S152822W0I7E6679&2_ty=7&2_be=581&2_max=999&2_del=1000&twr=none
Requested by
Host: lb.apicit.net
URL: https://lb.apicit.net/loader.v8.php?apicitDatas=1%2Ffex%2Fcit14817&RK=CIT&call=document.onapicitCall&jQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.80.200.209 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
d062b94df598161f031c7c9ad243fc41d9fafc648df78610457b7a92e226c0a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:25 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=ISO-8859-1
displayed.php
www-107-classic.clickintext.net/ 		1 B
243 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www-107-classic.clickintext.net/displayed.php?i=ec6c739a8cf26af7e3312c971cc08190&s=0%2C3%2C0%2CokSeen%2C2602&d=AU2d5be92a45a27d2f970810b3f2c6a4d5R1S155161W0I8E6679K1
Requested by
Host: lb.apicit.net
URL: https://lb.apicit.net/loader.v8.php?apicitDatas=1%2Ffex%2Fcit14817&RK=CIT&call=document.onapicitCall&jQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 21:50:26 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/html; charset=ISO-8859-1
expires
Thu, 19 Nov 1981 08:52:00 GMT
displayed.php
www-107-classic.clickintext.net/ 		1 B
243 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www-107-classic.clickintext.net/displayed.php?i=ec6c739a8cf26af7e3312c971cc08190&s=0%2C3%2C1%2CokSeen%2C2600&d=AU2d5be92a45a27d2f970810b3f2c6a4d5R1S155161W0I8E6679K1
Requested by
Host: lb.apicit.net
URL: https://lb.apicit.net/loader.v8.php?apicitDatas=1%2Ffex%2Fcit14817&RK=CIT&call=document.onapicitCall&jQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 21:50:26 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/html; charset=ISO-8859-1
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
tags.clickintext.net/takealook/ 		47 B
157 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.clickintext.net/takealook/?t=1638049823&k=17b400&0_an=1&0_cbd=AU2d5be92a45a27d2f970810b3f2c6a4d5R1S155161W0I8E6679K1&0_ty=8&0_be=100&0_max=2502&0_del=2500&1_an=1&1_cbd=AU2d5be92a45a27d2f970810b3f2c6a4d5R1S155161W0I8E6679K1&1_ty=8&1_be=98&1_max=2502&1_del=2500&2_an=1&2_cbd=AU2d5be92a45a27d2f970810b3f2c6a4d5R1S152822W0I7E6679&2_ty=7&2_be=581&2_max=1999&2_del=2000&twr=none
Requested by
Host: lb.apicit.net
URL: https://lb.apicit.net/loader.v8.php?apicitDatas=1%2Ffex%2Fcit14817&RK=CIT&call=document.onapicitCall&jQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.80.200.209 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
d062b94df598161f031c7c9ad243fc41d9fafc648df78610457b7a92e226c0a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sofiotheque.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 21:50:27 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=ISO-8859-1

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| __cfQR string| noThumbnail string| oj object| exportify boolean| lazycodeone object| clickintext_initied number| clickintext_noboucle boolean| clickintext_sendToServer boolean| clickintext_sendToServerAffine string| clickintext_PlusV3 boolean| clickintext_fromOnload object| ClickInTextIds function| clickintext_grain function| clickintext_logdev function| ClickInTextCheckPageStatus undefined| cit_pap_visiteur_datas function| cit_pap_visiteur function| clickintext_init20 string| ClickInTextHost string| CitUseUtf8 string| CitJsMin object| scriptHead number| positionAvailable object| topWindow string| forDebug object| doc undefined| $ undefined| jQuery string| apicitDatas string| CITPass boolean| CITPassed string| CITSentenceSponsoredLink undefined| CITBloqueFirstTop undefined| CITHideSomeElementsTimeout function| ClickInText function| ClickInTextImgPng function| ClickInTextImgPngBg object| ClickInTextOldVisibilities number| ClickInTextIdNumber function| ClickInTextHideSomeElements function| ClickInTextHasElementsToHide function| ClickInTextTimeout function| ClickInTextRemoveElement number| ClickInTextLastOpacity function| ClickInTextOpacity function| ClickInTextOverElement function| noaccent function| noaccent2 function| reduce function| inline object| CITPreloadImg function| CITPreloadImage function| ClickInTextDrawIt undefined| ClickInTextCurrentAnnounce boolean| ClickInTextAllowed boolean| ClickInTextClicable number| ClickInTextBoucles number| xSouris number| ySouris number| xSouris2 number| ySouris2 function| position function| ClickInTextPopupIt function| ClickInTextFindPos function| ClickInTextOverAnnonce string| GoogleAnalyticsObject function| ga boolean| __cfRLUnblockHandlers object| google_tag_data object| gaplugins object| gaGlobal object| gaData number| curtop

12 Cookies

Domain/Path Name / Value
.clickintext.net/ Name: witchServeur-7
Value: 107
tags.clickintext.net/ Name: witchServeur-7
Value: 107
.apicit.net/ Name: apicit
Value: 2d5be92a45a27d2f970810b3f2c6a4d5
.apicit.net/ Name: sw
Value: 257471423
.sofiotheque.info/ Name: _ga
Value: GA1.2.410838064.1638049824
.sofiotheque.info/ Name: _gid
Value: GA1.2.489264160.1638049824
.sofiotheque.info/ Name: _gat_blogger
Value: 1
.clickintext.net/ Name: SLI14817
Value: 1638049824
.clickintext.net/ Name: SLI14817NB
Value: 1
.clickintext.net/ Name: mySimsNetwork
Value: 23428
tracking.publicidees.com/ Name: IC
Value: eJwzNzS0qE6xMjQztjAwsbQwMqkpAXOMjIzMgJyCcisLCyOzmoIiKyMDcwMzg5rkJKtaAG6cDlo
tracking.publicidees.com/ Name: WUC
Value: eJxFzDsOgEAIBcAjyQKyD27jBxM7Y0wsXO-usbGcZmopuOYoJiB1sLbjAzPbi-0MgK1tezBVMmrTGPd6USgt4CqaUFSXNDHJ9JLs8H6Yu7-8H0-FGoU

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.publicidees.com
cdnjs.cloudflare.com
fr.clickintext.net
h.mrjaz.com
i.ibb.co
lb.apicit.net
lh6.googleusercontent.com
tags.clickintext.net
tracking.publicidees.com
www-107-classic.clickintext.net
www-107-slidein.clickintext.net
www-107.clickintext.net
www.google-analytics.com
www.sofiotheque.info
141.94.99.191
151.80.200.208
151.80.200.209
2606:4700:3030::ac43:960c
2606:4700::6810:125e
2606:50c0:8000::153
2a00:1450:4001:827::2001
2a00:1450:4001:831::200e
46.105.104.203
87.98.175.165
89.185.38.100
89.185.38.84
0889a34434e586e918436027c4e8b4c3380f84643731bdeb57024adb8745cf53
0db56bb089ca4e7286e1987b8eac047a1dc2531e35d86566bf8caf106cf1c806
0ff16e8c299415bbcf4688c823c54b2a4830a3bd9e13db2032d07b491a0aa996
15f5898049642c2886773efc4777c6d6c920b1362451fa2eae24f1f600c0fe07
1997af623fc17024ab22b7fda699b0cd59eb76f38c921e9c13c9e16cea52bdbc
19c960fe6934ab843b51147167c86018eae23b7a912f49f387379a19278e849e
2d64747c13a3176e09be77ce03050a0d0e2ae33c8813cbf4d945efcdd2c5ad93
30d9d4335d8163587826036668007afa2bf5ffc5945b840257e0db8e91c7aed7
34785b08a58f23b791197408c9c85206c75b79bb55f285cd2d53ad62f65c0f41
4b58f65e12c30fdc3b7f98b00ddc9cf5bcf9778d1c704290e0f1cca3fe415b07
4f8a956ad1a7d89ba7d426ef10da353b1f5d38e57cdd3de09b7d171f01a7e32f
534fb582cc79e810a007e0a977cc03d9a1ea5734c0b046cac4848f5960d1f076
56abe3bd8bf6c8c35c350073bdb56dbb402e95c00d9ed5bf6840d3dc6bc04905
5b044da2ee5e03630be938d164048e61909d3cf278ab99f64850960d04d4c401
67bc765c14cf076eb439695c5011509016c2599d122e4148fc217b7be8473ec9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d3874670c22bcb864a0e198e87b4a60a76d0662018ddd88eaea7de4255c0126
6df2ce1dd3eb2bb0e0e5418aa6cdf26ff6cd382363f5d72b56d1befbec4131e5
70b54a5ce12f376dbb3c16c29975f4dcfe580f55149f7605d1fb56c9bcf09da0
72b302627aae6fe8cdd9fc0163d7b2d1c6747fe78fc757c6382af17e96fc9b77
73e382e51b5fe78808d121f578ffaa88495fc5419bc8f8860921fd7fc65b2896
787890ebbce44d6769e766295378c6d564c35014467d008571b0f5e4df07d6c6
796ac73e66893cb362483affbeaf8277b277e7104926223bdc1019b2c3dbdb9b
8b3be48f231e71fb4c228a2c1f7677cf10545c29aca91b07c9c6160408e2d0da
9388ae93a170ff323c1a38816f98f7cc7d4ebbcf0d70fdf3079aa1f40ba3f148
938970fe5ccb36ba93471f05522b6edeedf01c86b7b8e9e4378319e496f2581d
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ab4f55734b49c8ce0b62d2e60db98d6dc7789e279d24908300849168476898b3
ae0b32249482106b27c068ee833c43363c6912b3b39eaa4b73fae2a8757ec4c2
ae785567daf29378edcd510a5cdd412a4e72e2e821e78143a93a2446c45e1842
af280540748b813660bb00c52e036a1fcb6eb103297f4a4909b6a0dec0ccdbf8
b050531f0b19ed406cec9cfbc58d72a4b4dd9185a66c6ed68107bfb8f15bb202
c0503fe1e364f1a65410f9bf0c2f1025545aea8d9b7bd55a05666125bfc7a2ea
c424563aaf51a873efa3f2562afb67a6b1f7f90bdf4af73c6e315c8bcac3db6f
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d062b94df598161f031c7c9ad243fc41d9fafc648df78610457b7a92e226c0a9
d4c6b55667297e8edac11e0eabe4d934fab7e1f29da722ce52d0ea24eaf762d1
de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e
e2afc3ce7562b196741e5100b8e52d0fbc8327c8bf072fd3e105f7a181037046
e57ba246451bf35125df3ccc0f1e03b7ccbb1fd642eca2b256dc65e1d51f7b8b
e7e82d9e917c569248435f4fc04d5d05b755a84ab795adcf89efe9783091b5f7
e80e7ae68127794396f3ee42b263f88ba8aaa64bd1ea387f24b4c6cbad3d2a5f
e98b26196047337a19e6ef6d13f48dc5f54f6f442c23fc164dac5e03ed2208c6
f77718b313928bf3139abae493a1ee61297f4ceed555261e8828d58b74ee39db
f998709f2eca050248aac25460735982b896f25131be0c615b00f253854310c5
fbb5ce510cb80aa4e6026448e390ec27fdf49d2c55fa6d83ec92dc9c7f469bc4