Submitted URL: http://xooimage.com/
Effective URL: http://www.xooimage.com/fr/
Submission: On December 02 via manual from HK — Scanned from FR

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 41 HTTP transactions. The main IP is 5.135.39.59, located in Avrille, France and belongs to OVH, FR. The main domain is www.xooimage.com.
This is the only time www.xooimage.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 5.135.39.59 16276 (OVH)
7 151.80.200.209 16276 (OVH)
1 2a02:2638::25 44788 (ASN-CRITE...)
3 151.80.200.208 16276 (OVH)
14 46.105.104.203 16276 (OVH)
1 1 23.79.145.223 16625 (AKAMAI-AS)
1 52.219.170.162 16509 (AMAZON-02)
2 87.98.175.165 16276 (OVH)
1 1 95.131.136.1 47841 (OXALIDE)
1 192.229.220.129 15133 (EDGECAST)
1 1 89.185.38.84 8426 (CLARANET-...)
1 89.185.38.100 8426 (CLARANET-...)
1 1 52.49.191.3 16509 (AMAZON-02)
1 1 108.128.89.49 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
41 11
Apex Domain
Subdomains
Transfer
23 clickintext.net
tags.clickintext.net — Cisco Umbrella Rank: 254426
www-107-classic.clickintext.net
www-107-slidein.clickintext.net
www-107.clickintext.net — Cisco Umbrella Rank: 919159
fr.clickintext.net
fr.slidein.clickintext.net
112 KB
10 xooimage.com
xooimage.com — Cisco Umbrella Rank: 782628
www.xooimage.com
111 KB
3 tradetracker.net
ti.tradetracker.net — Cisco Umbrella Rank: 110077
static.tradetracker.net — Cisco Umbrella Rank: 120796
50 KB
3 apicit.net
lb.apicit.net — Cisco Umbrella Rank: 825883
apicit.net — Cisco Umbrella Rank: 232480
43 KB
2 publicidees.com
tracking.publicidees.com — Cisco Umbrella Rank: 244075
ad.publicidees.com — Cisco Umbrella Rank: 454291
69 KB
2 metaffiliation.com
action.metaffiliation.com — Cisco Umbrella Rank: 106642
img.metaffiliation.com — Cisco Umbrella Rank: 54737
140 KB
1 amazonaws.com
wkda-marketing-images.s3.eu-central-1.amazonaws.com
38 KB
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 13349
511 B
1 criteo.com
rtax.criteo.com — Cisco Umbrella Rank: 33063
141 B
0 ebz.io Failed
as.ebz.io Failed
41 10
Domain Requested by
8 www.xooimage.com www.xooimage.com
7 tags.clickintext.net www.xooimage.com
lb.apicit.net
5 www-107.clickintext.net www-107-classic.clickintext.net
www-107-slidein.clickintext.net
lb.apicit.net
fr.clickintext.net
apicit.net
5 www-107-slidein.clickintext.net www.xooimage.com
www-107-slidein.clickintext.net
fr.slidein.clickintext.net
4 www-107-classic.clickintext.net tags.clickintext.net
lb.apicit.net
2 ti.tradetracker.net 2 redirects
2 apicit.net www.xooimage.com
apicit.net
2 xooimage.com 1 redirects
1 static.tradetracker.net www-107-slidein.clickintext.net
1 ad.publicidees.com www-107-slidein.clickintext.net
1 tracking.publicidees.com 1 redirects
1 img.metaffiliation.com www-107-slidein.clickintext.net
1 action.metaffiliation.com 1 redirects
1 fr.slidein.clickintext.net www-107-slidein.clickintext.net
1 fr.clickintext.net www-107-slidein.clickintext.net
1 wkda-marketing-images.s3.eu-central-1.amazonaws.com www-107.clickintext.net
1 www.awin1.com 1 redirects
1 lb.apicit.net tags.clickintext.net
1 rtax.criteo.com www.xooimage.com
0 as.ebz.io Failed www-107-slidein.clickintext.net
41 20

This site contains no links.

Subject Issuer Validity Valid
rdc.apicit.net R3 2022-10-08 - 2023-01-06 3 months crt.sh
*.clickintext.net R3 2022-10-31 - 2023-01-29 3 months crt.sh

This page contains 5 frames:

Primary Page: http://www.xooimage.com/fr/
Frame ID: 7ED14C69CEF8B9C5A108E34AF712BFB7
Requests: 33 HTTP requests in this frame

Frame: http://www-107.clickintext.net/print.php?c=CLAV3&tag=3883_1_-1_300x250_454&aid=2a9b2645715174c1bfde5ec584c11a61&url=http%3A%2F%2Fwww-classic.clickintext.net%2Fc%2F%3Ft%3Dcla%26k%3D%252FMAbCITC99QQBA2W9AQGTRTBRV1bVNmX1YFMCU2BtdFPX52B3sVMAIRVRUgGXVRUwMFbCEzCnllKVZDUkcwYJIzAdIgZJczD1EAPbhDAXM1ZFoTVuVFZeRkVwIQNHQxVycVbHczWyAAZVlWBsdFYRJzU%26mobile%3D0%26m5%3D1d09668abb0bbcee7b07e761576b857b%26go%3Dhttp%253A%252F%252Ficit.fr%252Fj%252F0%252FAU2a9b2645715174c1bfde5ec584c11a61R1S53385W0I8E3883K1%252Fhttps%253A%252F%252FwTww.awVin1T.com%252Fcread.php%253Fs%253D642054%2526v%253D7360%2526r%253D274697%2526clickref%253D%2525CASHBACKDATA%2525%2526
Frame ID: F9E2A76C9A33CB8D984688478EB1E32F
Requests: 2 HTTP requests in this frame

Frame: http://www-107-slidein.clickintext.net/extra.php?a=&img=https%3A%2F%2Faction.metaffiliation.com%2Ftrk.php%3Fmaff%3DP4BC614A8CD1915&whpic=300x250&url=%2F%2Flb.apicit.net%2Fj%2F0%2FAU3e1611c693f2772ed31186a07de99ea4R1S999999W0I0E3135%2Fhttps%3A%2F%2Faction.metaffiliation.com%2Ftrk.php%3Fmclic%3DP4BC614A8CD1915%26argsite%3D%25CASHBACKDATA%25%26&n=1&ide=6277
Frame ID: D952FC7FE4C49943219D84E807165EDD
Requests: 2 HTTP requests in this frame

Frame: http://www-107-slidein.clickintext.net/extra.php?a=&img=https%3A%2F%2Ftracking.publicidees.com%2Fbanner.php%3Fpartid%3D8826%26progid%3D7457%26promoid%3D231793%26cb%3D%25CASHBACKDATA%25%26&whpic=300x250&url=%2F%2Flb.apicit.net%2Fj%2F0%2FAU3e1611c693f2772ed31186a07de99ea4R1S999999W0I0E5538%2Fhttps%3A%2F%2Ftracking.publicidees.com%2Fclic.php%3Fpartid%3D8826%26progid%3D7457%26promoid%3D231793%26cb%3D%25CASHBACKDATA%25%26&n=1&ide=11083
Frame ID: 1EF4D6590032B70B1F43EAC2254734DB
Requests: 2 HTTP requests in this frame

Frame: http://www-107-slidein.clickintext.net/extra.php?a=&img=http%3A%2F%2Fti.tradetracker.net%2F%3Fc%3D25318%26m%3D1076341%26a%3D310167%26r%3D%25CASHBACKDATA%25%26t%3Dhtml&whpic=300x250&url=%2F%2Flb.apicit.net%2Fj%2F0%2FAU3e1611c693f2772ed31186a07de99ea4R1S999999W0I0E4879%2Fhttp%3A%2F%2Ftc.tradetracker.net%2F%3Fc%3D25318%26m%3D1076341%26a%3D310167%26r%3D%25CASHBACKDATA%25%26u%3D&n=1&ide=9765
Frame ID: 7833BAD4D0B10E6C9D1B6D184EDFBFBA
Requests: 2 HTTP requests in this frame

Page Title

Xooimage - Hébergement gratuit d'images

Page URL History

  1. http://xooimage.com/ Page URL
  2. http://xooimage.com/app/root.php HTTP 302
    http://www.xooimage.com/fr/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

29 %
HTTPS

13 %
IPv6

10
Domains

20
Subdomains

11
IPs

4
Countries

560 kB
Transfer

1229 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xooimage.com/ Page URL
  2. http://xooimage.com/app/root.php HTTP 302
    http://www.xooimage.com/fr/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://www.awin1.com/cshow.php?s=642054&v=7360&r=274697 HTTP 302
  • https://wkda-marketing-images.s3.eu-central-1.amazonaws.com/AWIN/1607+Multinational/FR/300x250-FR1607-sell.jpg
Request Chain 27
  • https://action.metaffiliation.com/trk.php?maff=P4BC614A8CD1915 HTTP 302
  • https://img.metaffiliation.com/8/48225/img_9_15_1.gif
Request Chain 28
  • https://tracking.publicidees.com/banner.php?partid=8826&progid=7457&promoid=231793&cb=%CASHBACKDATA%& HTTP 302
  • https://ad.publicidees.com/promos/banners/4492/231793.png
Request Chain 29
  • http://ti.tradetracker.net/?c=25318&m=1076341&a=310167&r=%CASHBACKDATA%&t=html HTTP 301
  • https://ti.tradetracker.net/?c=25318&m=1076341&a=310167&r=%CASHBACKDATA%&t=html HTTP 302
  • https://static.tradetracker.net/fr/material_image/79/d1eddda2f377958a6340821837d7a199997152.jpg

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
xooimage.com/
249 B
489 B
Document
General
Full URL
http://xooimage.com/
Protocol
HTTP/1.1
Server
5.135.39.59 Avrille, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
80ca3f3671c778d6a25fb8f2b96bb1e39164d4c731e76c41d34e7341002f9829

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Accept-Ranges
bytes
Connection
close
Content-Encoding
gzip
Content-Length
207
Content-Type
text/html
Date
Fri, 02 Dec 2022 02:18:28 GMT
ETag
"f9-59232b4928350-gzip"
Last-Modified
Tue, 10 Sep 2019 13:15:59 GMT
Server
nginx
Vary
Accept-Encoding
Primary Request /
www.xooimage.com/fr/
Redirect Chain
  • http://xooimage.com/app/root.php
  • http://www.xooimage.com/fr/
6 KB
3 KB
Document
General
Full URL
http://www.xooimage.com/fr/
Protocol
HTTP/1.1
Server
5.135.39.59 Avrille, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
ce2db9e471099b15acd15632100cc8a1ec1209ae0113caf44d1960be161982b3

Request headers

Referer
http://xooimage.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
close
Content-Encoding
gzip
Content-Length
2568
Content-Type
text/html; charset=UTF-8
Date
Fri, 02 Dec 2022 02:18:28 GMT
Server
nginx
Vary
Accept-Encoding

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Fri, 02 Dec 2022 02:18:28 GMT
Location
http://www.xooimage.com/fr/
Server
nginx
jquery-1.3.2.min.js
www.xooimage.com/pics/
56 KB
20 KB
Script
General
Full URL
http://www.xooimage.com/pics/jquery-1.3.2.min.js
Requested by
Host: www.xooimage.com
URL: http://www.xooimage.com/fr/
Protocol
HTTP/1.1
Server
5.135.39.59 Avrille, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.xooimage.com/fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 02:18:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Mar 2010 14:34:45 GMT
Server
nginx
ETag
W/"4b965c85-dfa6"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
close
Expires
Sat, 02 Dec 2023 02:18:28 GMT
jquery.pngFix.pack.js
www.xooimage.com/pics/
2 KB
2 KB
Script
General
Full URL
http://www.xooimage.com/pics/jquery.pngFix.pack.js
Requested by
Host: www.xooimage.com
URL: http://www.xooimage.com/fr/
Protocol
HTTP/1.1
Server
5.135.39.59 Avrille, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
9cba6542cde2f7222f777619cc3624e2afc285c2fe2485c8487062dade4f8b33

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.xooimage.com/fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 02:18:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Mar 2010 14:36:06 GMT
Server
nginx
ETag
W/"4b965cd6-9c2"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
close
Expires
Sat, 02 Dec 2023 02:18:28 GMT
bar.gif
www.xooimage.com/pics/
159 B
490 B
Image
General
Full URL
http://www.xooimage.com/pics/bar.gif
Requested by
Host: www.xooimage.com
URL: http://www.xooimage.com/fr/
Protocol
HTTP/1.1
Server
5.135.39.59 Avrille, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
23d6031c40569a36c1d776f731ada89de951bb15fb496594a70954940d2e039c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.xooimage.com/fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 02:18:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Mar 2010 15:57:44 GMT
Server
nginx
ETag
W/"4b9e58f8-9f"
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
max-age=31536000
Connection
close
Expires
Sat, 02 Dec 2023 02:18:28 GMT
j1GFWyJiGkkym
tags.clickintext.net/
5 KB
2 KB
Script
General
Full URL
http://tags.clickintext.net/j1GFWyJiGkkym
Requested by
Host: www.xooimage.com
URL: http://www.xooimage.com/fr/
Protocol
HTTP/1.1
Server
151.80.200.209 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
5ff10d2bd7df2772bce745bcf39b3fb61c12e85199ff58b92fe2fe689116094e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.xooimage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Dec 2022 02:18:28 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
bg.jpg
www.xooimage.com/pics/
1 KB
1 KB
Image
General
Full URL
http://www.xooimage.com/pics/bg.jpg
Requested by
Host: www.xooimage.com
URL: http://www.xooimage.com/fr/
Protocol
HTTP/1.1
Server
5.135.39.59 Avrille, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e2a74abc5af6e86df7ba8224e0af3bbfc256c37f6c3f73b86b0eb93d64cb3903

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.xooimage.com/fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 02:18:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Mar 2010 14:59:20 GMT
Server
nginx
ETag
W/"4b9510c8-583"
Transfer-Encoding
chunked
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
close
Expires
Sat, 02 Dec 2023 02:18:28 GMT
rta.js
rtax.criteo.com/delivery/rta/
0
141 B
Script
General
Full URL
http://rtax.criteo.com/delivery/rta/rta.js?netId=4594&cookieName=crtg_rta&rnd=50741120112&varName=crtg_content
Requested by
Host: www.xooimage.com
URL: http://www.xooimage.com/fr/
Protocol
HTTP/1.1
Server
2a02:2638::25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.xooimage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:18:28 GMT
strict-transport-security
max-age=31536000; preload;
server
nginx/1.20.1
bg_chic.jpg
www.xooimage.com/pics/
89 KB
80 KB
Image
General
Full URL
http://www.xooimage.com/pics/bg_chic.jpg
Requested by
Host: www.xooimage.com
URL: http://www.xooimage.com/fr/
Protocol
HTTP/1.1
Server
5.135.39.59 Avrille, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6a84c3c6c8c719e2fceae8a544effd7a66d82f5f95a64e821a75808c87075cf

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.xooimage.com/fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 02:18:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Mar 2010 14:59:21 GMT
Server
nginx
ETag
W/"4b9510c9-16494"
Transfer-Encoding
chunked
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
close
Expires
Sat, 02 Dec 2023 02:18:28 GMT
logo.png
www.xooimage.com/pics/
3 KB
3 KB
Image
General
Full URL
http://www.xooimage.com/pics/logo.png
Requested by
Host: www.xooimage.com
URL: http://www.xooimage.com/fr/
Protocol
HTTP/1.1
Server
5.135.39.59 Avrille, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
4b43677b3d7ade4967a7eb6c25251e4f1067cda7443e5939ee5abc707be24f68

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.xooimage.com/fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 02:18:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Mar 2010 15:19:02 GMT
Server
nginx
ETag
W/"4b951566-c91"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
close
Expires
Sat, 02 Dec 2023 02:18:28 GMT
pub_300x250.png
www.xooimage.com/pics/
1 KB
1 KB
Image
General
Full URL
http://www.xooimage.com/pics/pub_300x250.png
Requested by
Host: www.xooimage.com
URL: http://www.xooimage.com/fr/
Protocol
HTTP/1.1
Server
5.135.39.59 Avrille, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
9d8bf7249ccd2cd2200bb81beb56f9968a3656ba858f0e59f749b57f92b011bf

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.xooimage.com/fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 02:18:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Mar 2010 15:09:35 GMT
Server
nginx
ETag
W/"4b95132f-5b6"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
close
Expires
Sat, 02 Dec 2023 02:18:28 GMT
loader.v8.php
lb.apicit.net/
118 KB
41 KB
Script
General
Full URL
https://lb.apicit.net/loader.v8.php?apicitDatas=1%2Fcla%2Fcit7992&RK=CIT&zid=53385&call=document.onapicitCall&jQ=
Requested by
Host: tags.clickintext.net
URL: http://tags.clickintext.net/j1GFWyJiGkkym
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.80.200.208 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
29513ef23d79caa2bd60fb6b75ee1ae0223f7a4c0bd299be235bdc400cbed170

Request headers

Referer
http://www.xooimage.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 02:18:28 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
content.php
www-107-classic.clickintext.net/execs/
2 KB
1 KB
Script
General
Full URL
http://www-107-classic.clickintext.net/execs/content.php?v=1.0&a=7992&f=300x250&zk=j1GFWyJiGkkym&ccn=0&frameId=frameCIT73911cb392bcf6ae96b55cf92773e7cfi&apicitIdPAPXTime=2a9b2645715174c1bfde5ec584c11a61&apicitIdPAPXTimeMore=sw%5B0%5D&top=http%3A//www.xooimage.com/fr/&pAv=1&mobile=0
Requested by
Host: tags.clickintext.net
URL: http://tags.clickintext.net/j1GFWyJiGkkym
Protocol
HTTP/1.1
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
a0fd2edfaf963fc762341baf4d4495ca1297a2a7b72e7689b466a3e3c7e9640d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.xooimage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Dec 2022 02:18:28 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
text/html; charset=ISO-8859-1
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
loader.v6.js
apicit.net/
849 B
748 B
Script
General
Full URL
http://apicit.net/loader.v6.js
Requested by
Host: www.xooimage.com
URL: http://www.xooimage.com/fr/
Protocol
HTTP/1.1
Server
151.80.200.208 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
0ce8424b4ea8a5b024ad1c5987cfb2240549274da10ba9428259e9677dac4ae8

Request headers

Referer
http://www.xooimage.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Fri, 02 Dec 2022 02:18:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 May 2013 13:13:13 GMT
Server
nginx
ETag
W/"4b0d89c3-351"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Connection
keep-alive
Expires
Sat, 03 Dec 2022 02:18:28 GMT
ping.php
apicit.net/
3 KB
2 KB
Script
General
Full URL
http://apicit.net/ping.php?v=5&n=www.xooimage.com&r=6&t=xoi&e=xoi1&r2=http%3A//xooimage.com/&fct=xooimageWriteS
Requested by
Host: apicit.net
URL: http://apicit.net/loader.v6.js
Protocol
HTTP/1.1
Server
151.80.200.208 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
073a67c860bf5628dc072cc61e770e8c5dd998ac4bff8c5885282d0d56452a00

Request headers

Referer
http://www.xooimage.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Fri, 02 Dec 2022 02:18:28 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
cs.php
www-107-slidein.clickintext.net/
8 KB
3 KB
Script
General
Full URL
http://www-107-slidein.clickintext.net/cs.php?idnum=999999&idp=1&ig=0&apicitIdPAPXTime=3e1611c693f2772ed31186a07de99ea4&apicitIdPAPXTimeMore=sw%5B0%5D
Requested by
Host: www.xooimage.com
URL: http://www.xooimage.com/fr/
Protocol
HTTP/1.1
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
920d927266b231b12016169ef4361d8d071e2792c7e5f95bf2564044623c0115

Request headers

Referer
http://www.xooimage.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Fri, 02 Dec 2022 02:18:29 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
application/x-javascript;charset=ISO-8859-1
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
print.php
www-107.clickintext.net/ Frame F9E2
739 B
948 B
Document
General
Full URL
http://www-107.clickintext.net/print.php?c=CLAV3&tag=3883_1_-1_300x250_454&aid=2a9b2645715174c1bfde5ec584c11a61&url=http%3A%2F%2Fwww-classic.clickintext.net%2Fc%2F%3Ft%3Dcla%26k%3D%252FMAbCITC99QQBA2W9AQGTRTBRV1bVNmX1YFMCU2BtdFPX52B3sVMAIRVRUgGXVRUwMFbCEzCnllKVZDUkcwYJIzAdIgZJczD1EAPbhDAXM1ZFoTVuVFZeRkVwIQNHQxVycVbHczWyAAZVlWBsdFYRJzU%26mobile%3D0%26m5%3D1d09668abb0bbcee7b07e761576b857b%26go%3Dhttp%253A%252F%252Ficit.fr%252Fj%252F0%252FAU2a9b2645715174c1bfde5ec584c11a61R1S53385W0I8E3883K1%252Fhttps%253A%252F%252FwTww.awVin1T.com%252Fcread.php%253Fs%253D642054%2526v%253D7360%2526r%253D274697%2526clickref%253D%2525CASHBACKDATA%2525%2526
Requested by
Host: www-107-classic.clickintext.net
URL: http://www-107-classic.clickintext.net/execs/content.php?v=1.0&a=7992&f=300x250&zk=j1GFWyJiGkkym&ccn=0&frameId=frameCIT73911cb392bcf6ae96b55cf92773e7cfi&apicitIdPAPXTime=2a9b2645715174c1bfde5ec584c11a61&apicitIdPAPXTimeMore=sw%5B0%5D&top=http%3A//www.xooimage.com/fr/&pAv=1&mobile=0
Protocol
HTTP/1.1
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
f03f52044824d3c02aaa791fe6ad80cec628cf058d76ca5765fc55d2f5d862fc

Request headers

Referer
http://www.xooimage.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=ISO-8859-1
Date
Fri, 02 Dec 2022 02:18:29 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
300x250-FR1607-sell.jpg
wkda-marketing-images.s3.eu-central-1.amazonaws.com/AWIN/1607+Multinational/FR/ Frame F9E2
Redirect Chain
  • https://www.awin1.com/cshow.php?s=642054&v=7360&r=274697
  • https://wkda-marketing-images.s3.eu-central-1.amazonaws.com/AWIN/1607+Multinational/FR/300x250-FR1607-sell.jpg
38 KB
38 KB
Image
General
Full URL
https://wkda-marketing-images.s3.eu-central-1.amazonaws.com/AWIN/1607+Multinational/FR/300x250-FR1607-sell.jpg
Requested by
Host: www-107.clickintext.net
URL: http://www-107.clickintext.net/print.php?c=CLAV3&tag=3883_1_-1_300x250_454&aid=2a9b2645715174c1bfde5ec584c11a61&url=http%3A%2F%2Fwww-classic.clickintext.net%2Fc%2F%3Ft%3Dcla%26k%3D%252FMAbCITC99QQBA2W9AQGTRTBRV1bVNmX1YFMCU2BtdFPX52B3sVMAIRVRUgGXVRUwMFbCEzCnllKVZDUkcwYJIzAdIgZJczD1EAPbhDAXM1ZFoTVuVFZeRkVwIQNHQxVycVbHczWyAAZVlWBsdFYRJzU%26mobile%3D0%26m5%3D1d09668abb0bbcee7b07e761576b857b%26go%3Dhttp%253A%252F%252Ficit.fr%252Fj%252F0%252FAU2a9b2645715174c1bfde5ec584c11a61R1S53385W0I8E3883K1%252Fhttps%253A%252F%252FwTww.awVin1T.com%252Fcread.php%253Fs%253D642054%2526v%253D7360%2526r%253D274697%2526clickref%253D%2525CASHBACKDATA%2525%2526
Protocol
HTTP/1.1
Server
52.219.170.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
3c0ff549bc4dd3b074faf749add23f1f85c72ce5e304f4a5649244de22caf916

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www-107.clickintext.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 02:18:30 GMT
Last-Modified
Tue, 03 Nov 2020 16:17:14 GMT
Server
AmazonS3
x-amz-request-id
H00Z2WDQQH38QGEC
ETag
"45a31736db52e4f762591d6d7c9e4b7f"
Content-Type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
38470
x-amz-id-2
pqlbehFcaupzYv5McoAO34fw4afG0q0RAmqYbvIs3BJ1sqfbtTdavsu8JG7c2zGTao7kDLN1pWk=

Redirect headers

Date
Fri, 02 Dec 2022 02:18:29 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://wkda-marketing-images.s3.eu-central-1.amazonaws.com/AWIN/1607+Multinational/FR/300x250-FR1607-sell.jpg
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
displayed.php
www-107-classic.clickintext.net/
1 B
243 B
Script
General
Full URL
https://www-107-classic.clickintext.net/displayed.php?i=265b58b49d6a63e0c05f3c69fe8f2911&s=0%2C1%2C0%2CfirstSeen%2C101&d=AU2a9b2645715174c1bfde5ec584c11a61R1S53385W0I8E3883K1
Requested by
Host: lb.apicit.net
URL: https://lb.apicit.net/loader.v8.php?apicitDatas=1%2Fcla%2Fcit7992&RK=CIT&zid=53385&call=document.onapicitCall&jQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.xooimage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 02:18:29 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
text/html; charset=ISO-8859-1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
displayed.php
www-107-classic.clickintext.net/
1 B
244 B
Script
General
Full URL
https://www-107-classic.clickintext.net/displayed.php?i=265b58b49d6a63e0c05f3c69fe8f2911&s=0%2C1%2C0%2Cloading%2C0&d=
Requested by
Host: lb.apicit.net
URL: https://lb.apicit.net/loader.v8.php?apicitDatas=1%2Fcla%2Fcit7992&RK=CIT&zid=53385&call=document.onapicitCall&jQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.xooimage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 02:18:29 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
text/html; charset=ISO-8859-1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
fr.clickintext.net/sitekinder/
2 KB
2 KB
Script
General
Full URL
http://fr.clickintext.net/sitekinder/?a=7992&zone=23254
Requested by
Host: www-107-slidein.clickintext.net
URL: http://www-107-slidein.clickintext.net/cs.php?idnum=999999&idp=1&ig=0&apicitIdPAPXTime=3e1611c693f2772ed31186a07de99ea4&apicitIdPAPXTimeMore=sw%5B0%5D
Protocol
HTTP/1.1
Server
87.98.175.165 Lyon, France, ASN16276 (OVH, FR),
Reverse DNS
ovh84.clickintext.com
Software
Apache/2.4.25 (Debian) PHP/5.6.33-0+deb8u1 OpenSSL/1.0.2u / PHP/5.6.33-0+deb8u1
Resource Hash
a9c9bdbe836f25a4561d003a1f4b79ea459fdfae0c245077286008fd670d535f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.xooimage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Dec 2022 02:18:29 GMT
Content-Encoding
gzip
Server
Apache/2.4.25 (Debian) PHP/5.6.33-0+deb8u1 OpenSSL/1.0.2u
X-Powered-By
PHP/5.6.33-0+deb8u1
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
application/x-javascript;charset=ISO-8859-1
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Close
Content-Length
958
Expires
Thu, 19 Nov 1981 08:52:00 GMT
/
fr.slidein.clickintext.net/interstitiel/
3 KB
2 KB
Script
General
Full URL
http://fr.slidein.clickintext.net/interstitiel/?a=7992&zone=23254
Requested by
Host: www-107-slidein.clickintext.net
URL: http://www-107-slidein.clickintext.net/cs.php?idnum=999999&idp=1&ig=0&apicitIdPAPXTime=3e1611c693f2772ed31186a07de99ea4&apicitIdPAPXTimeMore=sw%5B0%5D
Protocol
HTTP/1.1
Server
87.98.175.165 Lyon, France, ASN16276 (OVH, FR),
Reverse DNS
ovh84.clickintext.com
Software
Apache/2.4.25 (Debian) PHP/5.6.33-0+deb8u1 OpenSSL/1.0.2u / PHP/5.6.33-0+deb8u1
Resource Hash
a4b4baaecd91e5f2bd2a0ba189b8bbded7430496491de1b8b7585bf0442f17f6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.xooimage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Dec 2022 02:18:29 GMT
Content-Encoding
gzip
Server
Apache/2.4.25 (Debian) PHP/5.6.33-0+deb8u1 OpenSSL/1.0.2u
X-Powered-By
PHP/5.6.33-0+deb8u1
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
application/x-javascript;charset=ISO-8859-1
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Close
Content-Length
1149
Expires
Thu, 19 Nov 1981 08:52:00 GMT
advertisers.php
www-107.clickintext.net/
37 B
209 B
Script
General
Full URL
https://www-107.clickintext.net/advertisers.php
Requested by
Host: www-107-slidein.clickintext.net
URL: http://www-107-slidein.clickintext.net/cs.php?idnum=999999&idp=1&ig=0&apicitIdPAPXTime=3e1611c693f2772ed31186a07de99ea4&apicitIdPAPXTimeMore=sw%5B0%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
9388ae93a170ff323c1a38816f98f7cc7d4ebbcf0d70fdf3079aa1f40ba3f148

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.xooimage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type
text/html; charset=ISO-8859-1
pragma
no-cache
date
Fri, 02 Dec 2022 02:18:29 GMT
cache-control
no-cache
content-encoding
gzip
server
nginx
expires
Fri, 01 Jan 2010 05:00:00 GMT
extra.php
www-107-slidein.clickintext.net/ Frame D952
435 B
687 B
Document
General
Full URL
http://www-107-slidein.clickintext.net/extra.php?a=&img=https%3A%2F%2Faction.metaffiliation.com%2Ftrk.php%3Fmaff%3DP4BC614A8CD1915&whpic=300x250&url=%2F%2Flb.apicit.net%2Fj%2F0%2FAU3e1611c693f2772ed31186a07de99ea4R1S999999W0I0E3135%2Fhttps%3A%2F%2Faction.metaffiliation.com%2Ftrk.php%3Fmclic%3DP4BC614A8CD1915%26argsite%3D%25CASHBACKDATA%25%26&n=1&ide=6277
Requested by
Host: www-107-slidein.clickintext.net
URL: http://www-107-slidein.clickintext.net/cs.php?idnum=999999&idp=1&ig=0&apicitIdPAPXTime=3e1611c693f2772ed31186a07de99ea4&apicitIdPAPXTimeMore=sw%5B0%5D
Protocol
HTTP/1.1
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
a68f4b30d4e856da0f6509bf9ee9b59cd1e3ca619d499578605519d1ebe73a90

Request headers

Referer
http://www.xooimage.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=ISO-8859-1
Date
Fri, 02 Dec 2022 02:18:29 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
extra.php
www-107-slidein.clickintext.net/ Frame 1EF4
486 B
695 B
Document
General
Full URL
http://www-107-slidein.clickintext.net/extra.php?a=&img=https%3A%2F%2Ftracking.publicidees.com%2Fbanner.php%3Fpartid%3D8826%26progid%3D7457%26promoid%3D231793%26cb%3D%25CASHBACKDATA%25%26&whpic=300x250&url=%2F%2Flb.apicit.net%2Fj%2F0%2FAU3e1611c693f2772ed31186a07de99ea4R1S999999W0I0E5538%2Fhttps%3A%2F%2Ftracking.publicidees.com%2Fclic.php%3Fpartid%3D8826%26progid%3D7457%26promoid%3D231793%26cb%3D%25CASHBACKDATA%25%26&n=1&ide=11083
Requested by
Host: www-107-slidein.clickintext.net
URL: http://www-107-slidein.clickintext.net/cs.php?idnum=999999&idp=1&ig=0&apicitIdPAPXTime=3e1611c693f2772ed31186a07de99ea4&apicitIdPAPXTimeMore=sw%5B0%5D
Protocol
HTTP/1.1
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
2eb29750ffe4625d72b2696fca84c6110a75449aa6cdedf3e5697e7881e170da

Request headers

Referer
http://www.xooimage.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=ISO-8859-1
Date
Fri, 02 Dec 2022 02:18:29 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
extra.php
www-107-slidein.clickintext.net/ Frame 7833
438 B
679 B
Document
General
Full URL
http://www-107-slidein.clickintext.net/extra.php?a=&img=http%3A%2F%2Fti.tradetracker.net%2F%3Fc%3D25318%26m%3D1076341%26a%3D310167%26r%3D%25CASHBACKDATA%25%26t%3Dhtml&whpic=300x250&url=%2F%2Flb.apicit.net%2Fj%2F0%2FAU3e1611c693f2772ed31186a07de99ea4R1S999999W0I0E4879%2Fhttp%3A%2F%2Ftc.tradetracker.net%2F%3Fc%3D25318%26m%3D1076341%26a%3D310167%26r%3D%25CASHBACKDATA%25%26u%3D&n=1&ide=9765
Requested by
Host: www-107-slidein.clickintext.net
URL: http://www-107-slidein.clickintext.net/cs.php?idnum=999999&idp=1&ig=0&apicitIdPAPXTime=3e1611c693f2772ed31186a07de99ea4&apicitIdPAPXTimeMore=sw%5B0%5D
Protocol
HTTP/1.1
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
b5ade1e132b85d3d4a758d5cee47aa6127f17b521b2160c06aac376bbfc925ca

Request headers

Referer
http://www.xooimage.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=ISO-8859-1
Date
Fri, 02 Dec 2022 02:18:29 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
/
tags.clickintext.net/takeasafe/
2 B
245 B
Script
General
Full URL
https://tags.clickintext.net/takeasafe/?t=1669947508&k=99e609&h=www.xooimage.com&
Requested by
Host: lb.apicit.net
URL: https://lb.apicit.net/loader.v8.php?apicitDatas=1%2Fcla%2Fcit7992&RK=CIT&zid=53385&call=document.onapicitCall&jQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.80.200.209 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
0889a34434e586e918436027c4e8b4c3380f84643731bdeb57024adb8745cf53

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.xooimage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 02:18:29 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
text/html; charset=ISO-8859-1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
optimize.php
www-107.clickintext.net/extraintext/
316 KB
48 KB
Script
General
Full URL
https://www-107.clickintext.net/extraintext/optimize.php?r=1&a=53385&jQuery=2
Requested by
Host: lb.apicit.net
URL: https://lb.apicit.net/loader.v8.php?apicitDatas=1%2Fcla%2Fcit7992&RK=CIT&zid=53385&call=document.onapicitCall&jQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
abed0cce98df65313a6bad555d034bc312dc4d6dd0d451782f451611da9fa37a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.xooimage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 02:18:29 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
img_9_15_1.gif
img.metaffiliation.com/8/48225/ Frame D952
Redirect Chain
  • https://action.metaffiliation.com/trk.php?maff=P4BC614A8CD1915
  • https://img.metaffiliation.com/8/48225/img_9_15_1.gif
138 KB
138 KB
Image
General
Full URL
https://img.metaffiliation.com/8/48225/img_9_15_1.gif
Requested by
Host: www-107-slidein.clickintext.net
URL: http://www-107-slidein.clickintext.net/extra.php?a=&img=https%3A%2F%2Faction.metaffiliation.com%2Ftrk.php%3Fmaff%3DP4BC614A8CD1915&whpic=300x250&url=%2F%2Flb.apicit.net%2Fj%2F0%2FAU3e1611c693f2772ed31186a07de99ea4R1S999999W0I0E3135%2Fhttps%3A%2F%2Faction.metaffiliation.com%2Ftrk.php%3Fmclic%3DP4BC614A8CD1915%26argsite%3D%25CASHBACKDATA%25%26&n=1&ide=6277
Protocol
H2
Server
192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F60) /
Resource Hash
baa5f8d01935e69144a7851cbaa0714b2136c430300977425eb363ff2c24ad14

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www-107-slidein.clickintext.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:18:29 GMT
last-modified
Tue, 05 Feb 2019 15:12:04 GMT
server
ECAcc (paa/6F60)
age
315
etag
"5c59a7c4-228f3"
x-cache
HIT
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=600, s-maxage=3600
accept-ranges
bytes
content-length
141555

Redirect headers

X-TRK-KWANKO
no consent mode activated, no personnal data stored.
Date
Fri, 02 Dec 2022 02:18:29 GMT
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D
0.014733076095581
Connection
close
X-TRK-PROC
48225
Pragma
no-cache
X-TRK-SRV
5
Server
nginx
Last-Modified
Fri, 02 Dec 2022 02:18:29 GMT
X-TRK-DECISION
3
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Location
https://img.metaffiliation.com/8/48225/img_9_15_1.gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires
Mon, 26 Jul 1997 05:00:00 GMT
231793.png
ad.publicidees.com/promos/banners/4492/ Frame 1EF4
Redirect Chain
  • https://tracking.publicidees.com/banner.php?partid=8826&progid=7457&promoid=231793&cb=%CASHBACKDATA%&
  • https://ad.publicidees.com/promos/banners/4492/231793.png
68 KB
68 KB
Image
General
Full URL
https://ad.publicidees.com/promos/banners/4492/231793.png
Requested by
Host: www-107-slidein.clickintext.net
URL: http://www-107-slidein.clickintext.net/extra.php?a=&img=https%3A%2F%2Ftracking.publicidees.com%2Fbanner.php%3Fpartid%3D8826%26progid%3D7457%26promoid%3D231793%26cb%3D%25CASHBACKDATA%25%26&whpic=300x250&url=%2F%2Flb.apicit.net%2Fj%2F0%2FAU3e1611c693f2772ed31186a07de99ea4R1S999999W0I0E5538%2Fhttps%3A%2F%2Ftracking.publicidees.com%2Fclic.php%3Fpartid%3D8826%26progid%3D7457%26promoid%3D231793%26cb%3D%25CASHBACKDATA%25%26&n=1&ide=11083
Protocol
H2
Server
89.185.38.100 Paris, France, ASN8426 (CLARANET-AS ClaraNET LTD, GB),
Reverse DNS
Software
nginx /
Resource Hash
2b35c5972114b2bf0553b2164f7ed942b97739b69db015a19b01c24f2356720c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www-107-slidein.clickintext.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

expires
Fri, 02 Dec 2022 02:23:29 GMT
date
Fri, 02 Dec 2022 02:18:29 GMT
last-modified
Tue, 01 Mar 2022 16:57:37 GMT
server
nginx
etag
"621e5081-10f2b"
content-type
image/png
cache-control
max-age=300
accept-ranges
bytes
content-length
69419
x-proxy-cache
MISS

Redirect headers

Pragma
no-cache
Date
Fri, 02 Dec 2022 02:18:29 GMT
Last-Modified
Fri, 02 Dec 2022 02:18:29 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
https://ad.publicidees.com/promos/banners/4492/231793.png
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Expires
0
d1eddda2f377958a6340821837d7a199997152.jpg
static.tradetracker.net/fr/material_image/79/ Frame 7833
Redirect Chain
  • http://ti.tradetracker.net/?c=25318&m=1076341&a=310167&r=%CASHBACKDATA%&t=html
  • https://ti.tradetracker.net/?c=25318&m=1076341&a=310167&r=%CASHBACKDATA%&t=html
  • https://static.tradetracker.net/fr/material_image/79/d1eddda2f377958a6340821837d7a199997152.jpg
49 KB
49 KB
Image
General
Full URL
https://static.tradetracker.net/fr/material_image/79/d1eddda2f377958a6340821837d7a199997152.jpg
Requested by
Host: www-107-slidein.clickintext.net
URL: http://www-107-slidein.clickintext.net/extra.php?a=&img=http%3A%2F%2Fti.tradetracker.net%2F%3Fc%3D25318%26m%3D1076341%26a%3D310167%26r%3D%25CASHBACKDATA%25%26t%3Dhtml&whpic=300x250&url=%2F%2Flb.apicit.net%2Fj%2F0%2FAU3e1611c693f2772ed31186a07de99ea4R1S999999W0I0E4879%2Fhttp%3A%2F%2Ftc.tradetracker.net%2F%3Fc%3D25318%26m%3D1076341%26a%3D310167%26r%3D%25CASHBACKDATA%25%26u%3D&n=1&ide=9765
Protocol
H2
Server
2600:9000:2251:4c00:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8aec480b750e8865901b46344e7f73a40561d3dd9219cd98947b1dfe0b4db22b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www-107-slidein.clickintext.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:18:13 GMT
via
1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
last-modified
Fri, 17 Mar 2017 11:48:56 GMT
server
nginx
x-amz-cf-pop
FRA60-P3
age
16
etag
"58cbcd28-c341"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
49985
x-amz-cf-id
Qjy6-JvMzIA4vtfwbUrD9friHpYjxLyfUeaz-ZchPp3Zx7LlMgI2Ug==

Redirect headers

location
https://static.tradetracker.net/fr/material_image/79/d1eddda2f377958a6340821837d7a199997152.jpg
date
Fri, 02 Dec 2022 02:18:29 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
server
nginx
expires
Mon, 26 Jul 1997 05:00:00 GMT
exec.php
www-107.clickintext.net/sitekinder/
215 B
656 B
Script
General
Full URL
http://www-107.clickintext.net/sitekinder/exec.php?a=7992&zone=23254&zk=jm6LAuUua4wKl&apicitIdPAPXTime=2a9b2645715174c1bfde5ec584c11a61&apicitIdPAPXTimeMore=sw%5B0%5D
Requested by
Host: fr.clickintext.net
URL: http://fr.clickintext.net/sitekinder/?a=7992&zone=23254
Protocol
HTTP/1.1
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
de2b8cd31aa07c81210c3afe40d724fedb2b1f3af990ea129b14e5c8a6f8aed0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.xooimage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Dec 2022 02:18:29 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
application/x-javascript;charset=ISO-8859-1
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
exec.php
www-107-slidein.clickintext.net/interstitiel/
2 KB
1 KB
Script
General
Full URL
http://www-107-slidein.clickintext.net/interstitiel/exec.php?a=7992&zone=23254&zk=jrys9kalgY8df&apicitIdPAPXTime=2a9b2645715174c1bfde5ec584c11a61&apicitIdPAPXTimeMore=sw%5B0%5D&cithref=&if=0
Requested by
Host: fr.slidein.clickintext.net
URL: http://fr.slidein.clickintext.net/interstitiel/?a=7992&zone=23254
Protocol
HTTP/1.1
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
2e9a083b55a01b4e4f97e70a44ae4b44ce34051fec6daded3e7044c0ccd68635

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.xooimage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Dec 2022 02:18:29 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
application/x-javascript;charset=ISO-8859-1
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
choixPubJS.htm
as.ebz.io/api/
0
0

optimize.php
www-107.clickintext.net/extraintext/
313 KB
48 KB
Script
General
Full URL
http://www-107.clickintext.net/extraintext/optimize.php?apicitIdPAPXTime=3e1611c693f2772ed31186a07de99ea4&apicitIdPAPXTimeMore=sw%5B0%5D&r=6&a=1&jQuery=1
Requested by
Host: apicit.net
URL: http://apicit.net/ping.php?v=5&n=www.xooimage.com&r=6&t=xoi&e=xoi1&r2=http%3A//xooimage.com/&fct=xooimageWriteS
Protocol
HTTP/1.1
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
80e3f91e63ac651e6b279da99b34e4c59849486b3d7f7537230ea2ed297ae257

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.xooimage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 02 Dec 2022 02:18:29 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
/
tags.clickintext.net/takealook/
47 B
157 B
Script
General
Full URL
https://tags.clickintext.net/takealook/?t=1669947508&k=99e609&0_an=1&0_cbd=AU2a9b2645715174c1bfde5ec584c11a61R1S53385W0I8E3883K1&0_ty=8&0_be=101&0_max=508&0_del=500&ast=53385_50124&twr=http%3A//xooimage.com/
Requested by
Host: lb.apicit.net
URL: https://lb.apicit.net/loader.v8.php?apicitDatas=1%2Fcla%2Fcit7992&RK=CIT&zid=53385&call=document.onapicitCall&jQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.80.200.209 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
d062b94df598161f031c7c9ad243fc41d9fafc648df78610457b7a92e226c0a9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.xooimage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:18:29 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=ISO-8859-1
/
tags.clickintext.net/takealook/
47 B
157 B
Script
General
Full URL
https://tags.clickintext.net/takealook/?t=1669947508&k=99e609&0_an=1&0_cbd=AU2a9b2645715174c1bfde5ec584c11a61R1S53385W0I8E3883K1&0_ty=8&0_be=101&0_max=1508&0_del=1500&twr=http%3A//xooimage.com/
Requested by
Host: lb.apicit.net
URL: https://lb.apicit.net/loader.v8.php?apicitDatas=1%2Fcla%2Fcit7992&RK=CIT&zid=53385&call=document.onapicitCall&jQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.80.200.209 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
d062b94df598161f031c7c9ad243fc41d9fafc648df78610457b7a92e226c0a9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.xooimage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:18:30 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=ISO-8859-1
displayed.php
www-107-classic.clickintext.net/
1 B
243 B
Script
General
Full URL
https://www-107-classic.clickintext.net/displayed.php?i=265b58b49d6a63e0c05f3c69fe8f2911&s=0%2C1%2C0%2CokSeen%2C2609&d=AU2a9b2645715174c1bfde5ec584c11a61R1S53385W0I8E3883K1
Requested by
Host: lb.apicit.net
URL: https://lb.apicit.net/loader.v8.php?apicitDatas=1%2Fcla%2Fcit7992&RK=CIT&zid=53385&call=document.onapicitCall&jQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.xooimage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 02:18:31 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
text/html; charset=ISO-8859-1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
tags.clickintext.net/takealook/
47 B
157 B
Script
General
Full URL
https://tags.clickintext.net/takealook/?t=1669947508&k=99e609&0_an=1&0_cbd=AU2a9b2645715174c1bfde5ec584c11a61R1S53385W0I8E3883K1&0_ty=8&0_be=101&0_max=2508&0_del=2500&twr=http%3A//xooimage.com/
Requested by
Host: lb.apicit.net
URL: https://lb.apicit.net/loader.v8.php?apicitDatas=1%2Fcla%2Fcit7992&RK=CIT&zid=53385&call=document.onapicitCall&jQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.80.200.209 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
d062b94df598161f031c7c9ad243fc41d9fafc648df78610457b7a92e226c0a9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.xooimage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:18:31 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=ISO-8859-1
/
tags.clickintext.net/takealook/
47 B
157 B
Script
General
Full URL
https://tags.clickintext.net/takealook/?t=1669947508&k=99e609&0_an=1&0_cbd=AU2a9b2645715174c1bfde5ec584c11a61R1S53385W0I8E3883K1&0_ty=8&0_be=101&0_max=3508&0_del=3500&twr=http%3A//xooimage.com/
Requested by
Host: lb.apicit.net
URL: https://lb.apicit.net/loader.v8.php?apicitDatas=1%2Fcla%2Fcit7992&RK=CIT&zid=53385&call=document.onapicitCall&jQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.80.200.209 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
d062b94df598161f031c7c9ad243fc41d9fafc648df78610457b7a92e226c0a9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.xooimage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:18:32 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=ISO-8859-1
/
tags.clickintext.net/takealook/
47 B
157 B
Script
General
Full URL
https://tags.clickintext.net/takealook/?t=1669947508&k=99e609&0_an=1&0_cbd=AU2a9b2645715174c1bfde5ec584c11a61R1S53385W0I8E3883K1&0_ty=8&0_be=101&0_max=4508&0_del=4500&twr=http%3A//xooimage.com/
Requested by
Host: lb.apicit.net
URL: https://lb.apicit.net/loader.v8.php?apicitDatas=1%2Fcla%2Fcit7992&RK=CIT&zid=53385&call=document.onapicitCall&jQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.80.200.209 Roubaix, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
d062b94df598161f031c7c9ad243fc41d9fafc648df78610457b7a92e226c0a9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.xooimage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 02:18:33 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=ISO-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
as.ebz.io
URL
http://as.ebz.io/api/choixPubJS.htm?pid=308984&screenLayer=1&mode=NONE&home=http://www.clickintext.com

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| oncontentvisibilityautostatechange function| $ function| jQuery boolean| openedOptions string| crtg_nid string| crtg_cookiename string| crtg_varname function| crtg_getCookie string| crtg_content number| crtg_rnd string| apicitDatas function| xooimageWriteS string| apicitLaunchFct string| apicitMoreParams boolean| apicitCounted boolean| apicitCountedV7 string| apicitIdPAPXTime string| apicitIdPAPXTimeMore function| apicitForLogS function| apicitForLog function| CITKEYWORDERFct2 number| curtop string| cithref function| clickintext_logdev number| h number| w undefined| citSlideinLoaded function| _ssmkjqsdfmlkjqsdfde52506 function| _ssmkjqsdfmlkjqsdfqq52506 number| myCTC3135 function| myCTC3135fct number| myCTC5538 function| myCTC5538fct number| myCTC4879 function| myCTC4879fct number| ac number| c3 number| c2 number| c1 function| cashouSiteKinder number| positionAvailable object| topWindow string| forDebug object| doc function| clickintextWriteInterstitiel number| clickintext_SlideInA string| clickintext_SlideInHostForAff undefined| cit_pap_visiteur_datas string| clickintext_SlideInK object| beeadScript

8 Cookies

Domain/Path Name / Value
.apicit.net/ Name: apicit
Value: 2a9b2645715174c1bfde5ec584c11a61
.apicit.net/ Name: sw
Value: 289369108
.awin1.com/ Name: AWSESS
Value: 311652:642054
.metaffiliation.com/ Name: kwknc_ssc
Value: dp4bc614a8cd1915
.metaffiliation.com/ Name: kwkncses_ssc
Value: dp4bc614a8cd1915
tracking.publicidees.com/ Name: IC
Value: eJwzNzE1r06xMjQzs7Q0MTc1sKwpAXLMDQyNDIyBnIJyKwsLI7OagiIrI2NDc0vjmuQkK1Vnx2APJ0dnbxfHEEdVI9NaAHa8Emk
tracking.publicidees.com/ Name: WUC
Value: eJxFzTsOwjAMANDTdMaxYzv2FsqAxAgXSPqR2CqE1KHp3cnG-KankfWYPYiYRWWw9u1QCAjUse2eEkrbPo4U1KhN1YcxP-_XPD5u-ZUH5PN9gCdkAwFZ40qVbA6pWJWFy0RdZbn8i_MHKBgfRg
.tradetracker.net/ Name: uf
Value: pPYSKGyMC9Ch9RimMNcH2kNlWlc3Qk9vemR4WTJnamdEcGExZDFMTGVJRHphQlhDUFdGQWtFME1OR2QzUmxycHh0Q09jM3pCR0QySllrZDVuenNFUFl1ektoUktTZ2NOaVZxYXVRPT0%3D

9 Console Messages

Source Level URL
Text
javascript warning URL: http://tags.clickintext.net/j1GFWyJiGkkym(Line 88)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://lb.apicit.net/loader.v8.php?apicitDatas=1%2Fcla%2Fcit7992&RK=CIT&zid=53385&call=document.onapicitCall&jQ=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://tags.clickintext.net/j1GFWyJiGkkym(Line 88)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://lb.apicit.net/loader.v8.php?apicitDatas=1%2Fcla%2Fcit7992&RK=CIT&zid=53385&call=document.onapicitCall&jQ=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://www.xooimage.com/fr/(Line 134)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://apicit.net/loader.v6.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://www.xooimage.com/fr/(Line 134)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://apicit.net/loader.v6.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://apicit.net/loader.v6.js(Line 18)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://apicit.net/ping.php?v=5&n=www.xooimage.com&r=6&t=xoi&e=xoi1&r2=http%3A//xooimage.com/&fct=xooimageWriteS, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://apicit.net/loader.v6.js(Line 18)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://apicit.net/ping.php?v=5&n=www.xooimage.com&r=6&t=xoi&e=xoi1&r2=http%3A//xooimage.com/&fct=xooimageWriteS, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://www.xooimage.com/fr/(Line 129)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www-107-slidein.clickintext.net/cs.php?idnum=999999&idp=1&ig=0&apicitIdPAPXTime=3e1611c693f2772ed31186a07de99ea4&apicitIdPAPXTimeMore=sw%5B0%5D, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://www.xooimage.com/fr/(Line 129)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www-107-slidein.clickintext.net/cs.php?idnum=999999&idp=1&ig=0&apicitIdPAPXTime=3e1611c693f2772ed31186a07de99ea4&apicitIdPAPXTimeMore=sw%5B0%5D, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: http://as.ebz.io/api/choixPubJS.htm?pid=308984&screenLayer=1&mode=NONE&home=http://www.clickintext.com
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
