Submitted URL: https://les.smokers.flyers.xooit.eu/
Effective URL: https://les.smokers.flyers.xooit.eu/index.php
Submission: On June 07 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 44 HTTP transactions. The main IP is 5.135.39.46, located in Antwerp, Belgium and belongs to OVH, FR. The main domain is les.smokers.flyers.xooit.eu.
TLS certificate: Issued by R3 on June 6th 2024. Valid for: 3 months.
This is the only time les.smokers.flyers.xooit.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                             Requested by
10        img.xooimage.com                   les.smokers.flyers.xooit.eu
6         les.smokers.flyers.xooit.eu        les.smokers.flyers.xooit.eu (1 redirects)
4         apicit.net                         les.smokers.flyers.xooit.eu, apicit.net
3         tags.clickintext.net               les.smokers.flyers.xooit.eu, lb.apicit.net
3         img3.xooimage.com                  img.xooimage.com
3         img7.xooimage.com                  img.xooimage.com
3         img9.xooimage.com                  img.xooimage.com
3         img2.xooimage.com                  img.xooimage.com
2         www-107-classic.clickintext.net    tags.clickintext.net
2         img10.xooimage.com                 img.xooimage.com
2         img8.xooimage.com                  img.xooimage.com
1         www-107.clickintext.net            lb.apicit.net
1         lb.apicit.net                      tags.clickintext.net
1         region1.google-analytics.com       www.googletagmanager.com
1         www.googletagmanager.com           les.smokers.flyers.xooit.eu
Total: 44 requests across 15 subdomains

This site contains links to these domains.

Domain
www.xooit.com
xooit.xooit.com
www.phpbb.com
www.phpbb-fr.com
www.mylimages.com

Subject                      Issuer  Validity                   Valid
forum.hybrid.clicforum.fr    R3      2024-06-06 - 2024-09-04    3 months
*.google-analytics.com       WR2     2024-05-21 - 2024-08-13    3 months
*.xooimage.com               R3      2024-04-11 - 2024-07-10    3 months
rdc.apicit.net               R3      2024-04-24 - 2024-07-23    3 months
*.clickintext.net            R3      2024-05-08 - 2024-08-06    3 months

This page contains 4 frames:

Primary Page: https://les.smokers.flyers.xooit.eu/index.php
Frame ID: 7AC47B9DE17118D4F3BBD5C0A6829999
Requests: 32 HTTP requests in this frame

Frame: https://les.smokers.flyers.xooit.eu/pub.php?cc=0&f=728x90&rp=1&p=728x90_header&ci=109&&id=950bfa04f43ad4ef18eebc61c48072e2&tmpparam=1&crtg_content=empty
Frame ID: 9944DCAD64D340CFC386836C00BA376F
Requests: 6 HTTP requests in this frame

Frame: https://les.smokers.flyers.xooit.eu/pub.php?cc=0&f=728x90&rp=1&p=728x90_header&ci=109&&id=0d96d2c2950953542f332b26b66cfb51&tmpparam=1&crtg_content=empty
Frame ID: 2B0A04935286CE043B2006EBE8FF2429
Requests: 5 HTTP requests in this frame

Frame: https://les.smokers.flyers.xooit.eu/rgpd_cookie_consent.php?frame=1
Frame ID: C2E4D33F3F0DAB1275841B19A5CAB490
Requests: 1 HTTP requests in this frame

Page Title

la smoke and fly 2.0 .::. Alliance présente sur Weed-Land.net

Detected technologies

Overall confidence: 100%
Detected patterns
  • Powered by <a[^>]+phpBB

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 44
HTTPS: 100 %
IPv6: 40 %
Domains: 6
Subdomains: 15
IPs: 5
Countries: 4
Transfer: 759 kB
Size: 1308 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://les.smokers.flyers.xooit.eu/ HTTP 302
    http://les.smokers.flyers.xooit.eu/index.php HTTP 307
    https://les.smokers.flyers.xooit.eu/index.php Page URL

44 HTTP transactions

Resource / Path, Size, x-fer, Type / MIME-Type
Primary Request index.php
les.smokers.flyers.xooit.eu/
Redirect Chain
  • https://les.smokers.flyers.xooit.eu/
  • http://les.smokers.flyers.xooit.eu/index.php
  • https://les.smokers.flyers.xooit.eu/index.php
19 KB
6 KB
Document
General
Full URL
https://les.smokers.flyers.xooit.eu/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.46 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx / PHP/5.6.40-16+0~20200123.27+debian9~1.gbp05c23e
Resource Hash
aba0dc2f91b604d986080676fbceca66cadb62a1e15ebb64c5fd182e0f9e4c9b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private, no-store, no-cache, must-revalidate, pre-check=0, max-age=0
content-encoding
gzip
content-length
5441
content-security-policy
upgrade-insecure-requests upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Fri, 07 Jun 2024 10:52:35 GMT
expires
Fri, 07 Jun 24 10:52:34 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/5.6.40-16+0~20200123.27+debian9~1.gbp05c23e

Redirect headers

Location
https://les.smokers.flyers.xooit.eu/index.php
Non-Authoritative-Reason
HttpsUpgrades
js
www.googletagmanager.com/gtag/
270 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-965DXEW8TE
Requested by
Host: les.smokers.flyers.xooit.eu
URL: https://les.smokers.flyers.xooit.eu/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0f1e177cd61172a1200e50e2fd342ca5f19730ebfaf849272e133964e7d6ce9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://les.smokers.flyers.xooit.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94832
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 07 Jun 2024 10:52:35 GMT
mylnebuleuse-e7131.css
img.xooimage.com/files5/f/9/5/
12 KB
3 KB
Stylesheet
General
Full URL
https://img.xooimage.com/files5/f/9/5/mylnebuleuse-e7131.css
Requested by
Host: les.smokers.flyers.xooit.eu
URL: https://les.smokers.flyers.xooit.eu/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.59 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
16b3e3a155653e130746bfad42163ac4b6a0fbf3c08aba74ff737a69d0b9d7a0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://les.smokers.flyers.xooit.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"45e49695-2fd3"
content-type
text/css
cache-control
max-age=31536000
expires
Sat, 07 Jun 2025 10:52:35 GMT
common2023-59c819f.js
img.xooimage.com/files113/7/6/b/
288 KB
68 KB
Script
General
Full URL
https://img.xooimage.com/files113/7/6/b/common2023-59c819f.js
Requested by
Host: les.smokers.flyers.xooit.eu
URL: https://les.smokers.flyers.xooit.eu/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.59 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
58b01eab055fa8fb4e842043c64af5151286b18d65df4b469a4db990dd31d66b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://les.smokers.flyers.xooit.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"6560dea1-47f6c"
content-type
application/javascript
cache-control
max-age=31536000
expires
Sat, 07 Jun 2025 10:52:35 GMT
s-f-2.0-logo-576a4b3.png
img.xooimage.com/files111/5/4/4/
466 KB
465 KB
Image
General
Full URL
https://img.xooimage.com/files111/5/4/4/s-f-2.0-logo-576a4b3.png
Requested by
Host: les.smokers.flyers.xooit.eu
URL: https://les.smokers.flyers.xooit.eu/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.59 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
5939c2d0178c12f49aad6375b43d1376ff6962ed68d7be8798059da5a61bbc27

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://les.smokers.flyers.xooit.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"5ecd60c0-74648"
content-type
image/png
cache-control
max-age=31536000
expires
Sat, 07 Jun 2025 10:52:35 GMT
_-2f2a.gif
img.xooimage.com/files1/_/ti/
43 B
231 B
Image
General
Full URL
https://img.xooimage.com/files1/_/ti/_-2f2a.gif
Requested by
Host: les.smokers.flyers.xooit.eu
URL: https://les.smokers.flyers.xooit.eu/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.59 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://les.smokers.flyers.xooit.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"441792d5-2b"
content-type
image/gif
cache-control
max-age=31536000
expires
Sat, 07 Jun 2025 10:52:35 GMT
whosonline-3463a.gif
img.xooimage.com/files3/w/h/
10 KB
10 KB
Image
General
Full URL
https://img.xooimage.com/files3/w/h/whosonline-3463a.gif
Requested by
Host: les.smokers.flyers.xooit.eu
URL: https://les.smokers.flyers.xooit.eu/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.59 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e1dbac51073a20777e1fbf8ad8f2497abaf8f62820529e2d3916cfa109c6d729

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://les.smokers.flyers.xooit.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44604542-290d"
content-type
image/gif
cache-control
max-age=31536000
expires
Sat, 07 Jun 2025 10:52:35 GMT
folder_new-3460f.gif
img.xooimage.com/files5/f/o/
1 KB
934 B
Image
General
Full URL
https://img.xooimage.com/files5/f/o/folder_new-3460f.gif
Requested by
Host: les.smokers.flyers.xooit.eu
URL: https://les.smokers.flyers.xooit.eu/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.59 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
af35ffe644ab212da1dd246f26781f5f105acb39e22dd98789458d27b224df32

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://les.smokers.flyers.xooit.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"4460453d-555"
content-type
image/gif
cache-control
max-age=31536000
expires
Sat, 07 Jun 2025 10:52:35 GMT
folder-3460e.gif
img.xooimage.com/files5/f/o/
1 KB
2 KB
Image
General
Full URL
https://img.xooimage.com/files5/f/o/folder-3460e.gif
Requested by
Host: les.smokers.flyers.xooit.eu
URL: https://les.smokers.flyers.xooit.eu/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.59 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
17b66a1be4369b40df66be9e52e9587caea8a40766377d1f32a523132e9848e1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://les.smokers.flyers.xooit.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"4460453d-5df"
content-type
image/gif
cache-control
max-age=31536000
expires
Sat, 07 Jun 2025 10:52:35 GMT
folder_lock-34612.gif
img.xooimage.com/files10/f/o/
849 B
744 B
Image
General
Full URL
https://img.xooimage.com/files10/f/o/folder_lock-34612.gif
Requested by
Host: les.smokers.flyers.xooit.eu
URL: https://les.smokers.flyers.xooit.eu/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.59 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
6cc71bb5358aa086f75a8ecf8bf4d232c0603212914df20ab9e9ca1eba95bdf4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://les.smokers.flyers.xooit.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"4460453d-351"
content-type
image/gif
cache-control
max-age=31536000
expires
Sat, 07 Jun 2025 10:52:35 GMT
collect
region1.google-analytics.com/g/
0
262 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-965DXEW8TE&gtm=45je4650v9123970239za200&_p=1717757555050&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=175658832.1717757555&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717757555&sct=1&seg=0&dl=https%3A%2F%2Fles.smokers.flyers.xooit.eu%2Findex.php&dt=la%20smoke%20and%20fly%202.0%20.%3A%3A.%20Alliance%20pr%C3%A9sente%20sur%20Weed-Land.net&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=769
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-965DXEW8TE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://les.smokers.flyers.xooit.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 10:52:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://les.smokers.flyers.xooit.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pub.php
les.smokers.flyers.xooit.eu/ Frame 9944
2 KB
1 KB
Document
General
Full URL
https://les.smokers.flyers.xooit.eu/pub.php?cc=0&f=728x90&rp=1&p=728x90_header&ci=109&&id=950bfa04f43ad4ef18eebc61c48072e2&tmpparam=1&crtg_content=empty
Requested by
Host: les.smokers.flyers.xooit.eu
URL: https://les.smokers.flyers.xooit.eu/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.46 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx / PHP/5.6.40-16+0~20200123.27+debian9~1.gbp05c23e
Resource Hash
fa9818023e42775de7082776594bf9992a7e438325f33b33c2924ac8a8528bd4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://les.smokers.flyers.xooit.eu/index.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-length
946
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 07 Jun 2024 10:52:35 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/5.6.40-16+0~20200123.27+debian9~1.gbp05c23e
pub.php
les.smokers.flyers.xooit.eu/ Frame 2B0A
2 KB
1 KB
Document
General
Full URL
https://les.smokers.flyers.xooit.eu/pub.php?cc=0&f=728x90&rp=1&p=728x90_header&ci=109&&id=0d96d2c2950953542f332b26b66cfb51&tmpparam=1&crtg_content=empty
Requested by
Host: les.smokers.flyers.xooit.eu
URL: https://les.smokers.flyers.xooit.eu/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.46 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx / PHP/5.6.40-16+0~20200123.27+debian9~1.gbp05c23e
Resource Hash
5fd8c11b339c28207a30862625d9b08c6bc65c63bea249c63eaf57fada3ab971
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://les.smokers.flyers.xooit.eu/index.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-length
956
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 07 Jun 2024 10:52:35 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/5.6.40-16+0~20200123.27+debian9~1.gbp05c23e
rgpd_cookie_consent.php
les.smokers.flyers.xooit.eu/ Frame C2E4
10 KB
3 KB
Document
General
Full URL
https://les.smokers.flyers.xooit.eu/rgpd_cookie_consent.php?frame=1
Requested by
Host: les.smokers.flyers.xooit.eu
URL: https://les.smokers.flyers.xooit.eu/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.46 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx / PHP/5.6.40-16+0~20200123.27+debian9~1.gbp05c23e
Resource Hash
9a595a23de6552f2211fadcc588c3c37780e30c20293ea39fd66be45bb4fb710
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://les.smokers.flyers.xooit.eu/index.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-length
3210
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Fri, 07 Jun 2024 10:52:35 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/5.6.40-16+0~20200123.27+debian9~1.gbp05c23e
fond01-34624.jpeg
img2.xooimage.com/files/d/6/0/
39 KB
37 KB
Image
General
Full URL
https://img2.xooimage.com/files/d/6/0/fond01-34624.jpeg
Requested by
Host: img.xooimage.com
URL: https://img.xooimage.com/files5/f/9/5/mylnebuleuse-e7131.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.59 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
fdbec26d1bbda7fa976b04e29e82bdf19edef8dabefba0e62310db685c2337cc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.xooimage.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44604540-9ce7"
content-type
image/jpeg
cache-control
max-age=31536000
expires
Sat, 07 Jun 2025 10:52:35 GMT
cadre_top_left1-34626.gif
img9.xooimage.com/files/c/a/
1 KB
804 B
Image
General
Full URL
https://img9.xooimage.com/files/c/a/cadre_top_left1-34626.gif
Requested by
Host: img.xooimage.com
URL: https://img.xooimage.com/files5/f/9/5/mylnebuleuse-e7131.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.59 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
625f2cec0a918c79a57e7574ce7ef6f9033a3dce07d6140c3f991f806c7c6adb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.xooimage.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44604540-416"
content-type
image/gif
cache-control
max-age=31536000
expires
Sat, 07 Jun 2025 10:52:35 GMT
cadre_top_left2-34627.gif
img7.xooimage.com/files/c/a/
1 KB
1023 B
Image
General
Full URL
https://img7.xooimage.com/files/c/a/cadre_top_left2-34627.gif
Requested by
Host: img.xooimage.com
URL: https://img.xooimage.com/files5/f/9/5/mylnebuleuse-e7131.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.59 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
1fc4f854ebb8efdcd6dd9fce3711f0db6c896a428f74a8d917dd2a376fabc916

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.xooimage.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44604540-553"
content-type
image/gif
cache-control
max-age=31536000
expires
Sat, 07 Jun 2025 10:52:35 GMT
cadre_top_left3-34628.gif
img8.xooimage.com/files/c/a/
1 KB
1 KB
Image
General
Full URL
https://img8.xooimage.com/files/c/a/cadre_top_left3-34628.gif
Requested by
Host: img.xooimage.com
URL: https://img.xooimage.com/files5/f/9/5/mylnebuleuse-e7131.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.59 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1355ec6575630cc5a6359057267a855f3bb900c51e1ba4b0a5f2138f446bdf9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.xooimage.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44604540-5e0"
content-type
image/gif
cache-control
max-age=31536000
expires
Sat, 07 Jun 2025 10:52:35 GMT
cadre_top_center-34629.gif
img9.xooimage.com/files/c/a/
1 KB
894 B
Image
General
Full URL
https://img9.xooimage.com/files/c/a/cadre_top_center-34629.gif
Requested by
Host: img.xooimage.com
URL: https://img.xooimage.com/files5/f/9/5/mylnebuleuse-e7131.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.59 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
3279e57bb8004eb7472b203a0925a1a343aa0cdb12c503c63199a5a49faa628d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.xooimage.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44604540-50f"
content-type
image/gif
cache-control
max-age=31536000
expires
Sat, 07 Jun 2025 10:52:35 GMT
cadre_top_right3-3462d.gif
img7.xooimage.com/files/c/a/
1 KB
1 KB
Image
General
Full URL
https://img7.xooimage.com/files/c/a/cadre_top_right3-3462d.gif
Requested by
Host: img.xooimage.com
URL: https://img.xooimage.com/files5/f/9/5/mylnebuleuse-e7131.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.59 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
8b8df982ced3acd5f91f29b2d2838320ed845442de5a175075bdce25ce41577d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.xooimage.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44604541-5dd"
content-type
image/gif
cache-control
max-age=31536000
expires
Sat, 07 Jun 2025 10:52:35 GMT
cadre_top_right2-3462c.gif
img10.xooimage.com/files/c/a/
1 KB
1015 B
Image
General
Full URL
https://img10.xooimage.com/files/c/a/cadre_top_right2-3462c.gif
Requested by
Host: img.xooimage.com
URL: https://img.xooimage.com/files5/f/9/5/mylnebuleuse-e7131.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.59 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
414d6cee5cde24a298d51fde42c2fef65aa7faaf587401d0b81d0e9488df827e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.xooimage.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44604541-54b"
content-type
image/gif
cache-control
max-age=31536000
expires
Sat, 07 Jun 2025 10:52:35 GMT
cadre_top_right1-3462b.gif
img3.xooimage.com/files/c/a/
1 KB
807 B
Image
General
Full URL
https://img3.xooimage.com/files/c/a/cadre_top_right1-3462b.gif
Requested by
Host: img.xooimage.com
URL: https://img.xooimage.com/files5/f/9/5/mylnebuleuse-e7131.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.59 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
305426ed8cabf760ffeae2b1750b1970981c907629ba35bf43596547b28e5222

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.xooimage.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44604540-419"
content-type
image/gif
cache-control
max-age=31536000
expires
Sat, 07 Jun 2025 10:52:35 GMT
cellpic3-34638.gif
img.xooimage.com/files9/c/e/
979 B
514 B
Image
General
Full URL
https://img.xooimage.com/files9/c/e/cellpic3-34638.gif
Requested by
Host: les.smokers.flyers.xooit.eu
URL: https://les.smokers.flyers.xooit.eu/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.59 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
4d100c010ba862049a9df10ef1b4fac451d39ab448081adf3359da031fe183eb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://les.smokers.flyers.xooit.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44604541-3d3"
content-type
image/gif
cache-control
max-age=31536000
expires
Sat, 07 Jun 2025 10:52:35 GMT
pixel01-34635.gif
img10.xooimage.com/files/p/i/
834 B
275 B
Image
General
Full URL
https://img10.xooimage.com/files/p/i/pixel01-34635.gif
Requested by
Host: img.xooimage.com
URL: https://img.xooimage.com/files5/f/9/5/mylnebuleuse-e7131.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.59 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
64967b7a0586c145a4e27a22a842fa729df0a7b7f357b17bb41b17efa0d7beb6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.xooimage.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44604541-342"
content-type
image/gif
cache-control
max-age=31536000
expires
Sat, 07 Jun 2025 10:52:35 GMT
cadre_left-34633.gif
img2.xooimage.com/files/c/a/
839 B
293 B
Image
General
Full URL
https://img2.xooimage.com/files/c/a/cadre_left-34633.gif
Requested by
Host: img.xooimage.com
URL: https://img.xooimage.com/files5/f/9/5/mylnebuleuse-e7131.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.59 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
47cd1acd35b00bfbc5b9a26541b12623f569c1c16eab834ab848caba9066c445

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.xooimage.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44604541-347"
content-type
image/gif
cache-control
max-age=31536000
expires
Sat, 07 Jun 2025 10:52:35 GMT
pixel06-34625.gif
img2.xooimage.com/files/p/i/
834 B
278 B
Image
General
Full URL
https://img2.xooimage.com/files/p/i/pixel06-34625.gif
Requested by
Host: img.xooimage.com
URL: https://img.xooimage.com/files5/f/9/5/mylnebuleuse-e7131.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.59 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e24d064ff08b726577adf01b02c35781ccf06eb4862089318b96186da8c04bf2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.xooimage.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44604540-342"
content-type
image/gif
cache-control
max-age=31536000
expires
Sat, 07 Jun 2025 10:52:35 GMT
cellpic1-3463c.gif
img.xooimage.com/files9/c/e/
979 B
514 B
Image
General
Full URL
https://img.xooimage.com/files9/c/e/cellpic1-3463c.gif
Requested by
Host: les.smokers.flyers.xooit.eu
URL: https://les.smokers.flyers.xooit.eu/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.59 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
549de92845ee113508fb4464fc1656e1a1d6072a983c608b2e4e8558359fa680

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://les.smokers.flyers.xooit.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44604542-3d3"
content-type
image/gif
cache-control
max-age=31536000
expires
Sat, 07 Jun 2025 10:52:35 GMT
bout01-34639.gif
img7.xooimage.com/files/b/o/
949 B
503 B
Image
General
Full URL
https://img7.xooimage.com/files/b/o/bout01-34639.gif
Requested by
Host: img.xooimage.com
URL: https://img.xooimage.com/files5/f/9/5/mylnebuleuse-e7131.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.59 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c0faa1474ad3f62f67f284cdfd6e227619657ab01aca0885c829c339b50cf73

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.xooimage.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44604541-3b5"
content-type
image/gif
cache-control
max-age=31536000
expires
Sat, 07 Jun 2025 10:52:35 GMT
cadre_right-34634.gif
img3.xooimage.com/files/c/a/
839 B
292 B
Image
General
Full URL
https://img3.xooimage.com/files/c/a/cadre_right-34634.gif
Requested by
Host: img.xooimage.com
URL: https://img.xooimage.com/files5/f/9/5/mylnebuleuse-e7131.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.59 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
7b5935d873ad8d0a256b33c7242727c35bb7baf01017a4ab79caf887db98521f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.xooimage.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44604541-347"
content-type
image/gif
cache-control
max-age=31536000
expires
Sat, 07 Jun 2025 10:52:35 GMT
cadre_bottom_left-34630.gif
img9.xooimage.com/files/c/a/
853 B
377 B
Image
General
Full URL
https://img9.xooimage.com/files/c/a/cadre_bottom_left-34630.gif
Requested by
Host: img.xooimage.com
URL: https://img.xooimage.com/files5/f/9/5/mylnebuleuse-e7131.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.59 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
128f40be1870553ca90bb1656e97d75dbd3c63aa7fa1b8cae7375af6ad84eef3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.xooimage.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44604541-355"
content-type
image/gif
cache-control
max-age=31536000
expires
Sat, 07 Jun 2025 10:52:35 GMT
cadre_bottom_center-34631.gif
img3.xooimage.com/files/c/a/
897 B
369 B
Image
General
Full URL
https://img3.xooimage.com/files/c/a/cadre_bottom_center-34631.gif
Requested by
Host: img.xooimage.com
URL: https://img.xooimage.com/files5/f/9/5/mylnebuleuse-e7131.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.59 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
19261d3f23ae4d57539569dd666ac0ae9c1b086cc7c51792db4ac12b3e93622a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.xooimage.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44604541-381"
content-type
image/gif
cache-control
max-age=31536000
expires
Sat, 07 Jun 2025 10:52:35 GMT
cadre_bottom_right-34632.gif
img8.xooimage.com/files/c/a/
853 B
377 B
Image
General
Full URL
https://img8.xooimage.com/files/c/a/cadre_bottom_right-34632.gif
Requested by
Host: img.xooimage.com
URL: https://img.xooimage.com/files5/f/9/5/mylnebuleuse-e7131.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.59 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
eb3f2afbe4b30cade280fced3a7b5af61f29f5ff833f6e26119dc94ef4f2aa9b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://img.xooimage.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"44604541-355"
content-type
image/gif
cache-control
max-age=31536000
expires
Sat, 07 Jun 2025 10:52:35 GMT
loader.v7.js
apicit.net/ Frame 9944
2 KB
832 B
Script
General
Full URL
https://apicit.net/loader.v7.js
Requested by
Host: les.smokers.flyers.xooit.eu
URL: https://les.smokers.flyers.xooit.eu/pub.php?cc=0&f=728x90&rp=1&p=728x90_header&ci=109&&id=950bfa04f43ad4ef18eebc61c48072e2&tmpparam=1&crtg_content=empty
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
8a75ab48f3750628a149ff8a7007acb1eff4662f5ca8faba1f53617e6799794b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://les.smokers.flyers.xooit.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"53270e38-647"
content-type
application/javascript
cache-control
max-age=86400, public
expires
Sat, 08 Jun 2024 10:52:35 GMT
loader.v7.js
apicit.net/ Frame 2B0A
2 KB
0
Script
General
Full URL
https://apicit.net/loader.v7.js
Requested by
Host: les.smokers.flyers.xooit.eu
URL: https://les.smokers.flyers.xooit.eu/pub.php?cc=0&f=728x90&rp=1&p=728x90_header&ci=109&&id=0d96d2c2950953542f332b26b66cfb51&tmpparam=1&crtg_content=empty
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
8a75ab48f3750628a149ff8a7007acb1eff4662f5ca8faba1f53617e6799794b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://les.smokers.flyers.xooit.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
last-modified
Wed, 13 May 2013 13:13:13 GMT
server
nginx
etag
W/"53270e38-647"
content-type
application/javascript
cache-control
max-age=86400, public
expires
Sat, 08 Jun 2024 10:52:35 GMT
ping.php
apicit.net/ Frame 9944
3 KB
1 KB
Script
General
Full URL
https://apicit.net/ping.php?v=5&n=les.smokers.flyers.xooit.eu&r=&t=undefined&e=undefined&r2=https%3A//les.smokers.flyers.xooit.eu/index.php&fct=&nopref=1&mfct=1
Requested by
Host: apicit.net
URL: https://apicit.net/loader.v7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
fb760464015f94360c5df21a56a7ba3a2a7ea26b763979bcb2e4ab2d274606e4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://les.smokers.flyers.xooit.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
ping.php
apicit.net/ Frame 2B0A
3 KB
1 KB
Script
General
Full URL
https://apicit.net/ping.php?v=5&n=les.smokers.flyers.xooit.eu&r=&t=undefined&e=undefined&r2=https%3A//les.smokers.flyers.xooit.eu/index.php&fct=&nopref=1&mfct=1
Requested by
Host: apicit.net
URL: https://apicit.net/loader.v7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
c81c73bbcda0584972206d984ca7b96db6a7e7b96cb903ecb541c7f717297fcb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://les.smokers.flyers.xooit.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
j68sFjLXIWIIQ
tags.clickintext.net/ Frame 9944
5 KB
2 KB
Script
General
Full URL
https://tags.clickintext.net/j68sFjLXIWIIQ?forceprotected=&optout=1
Requested by
Host: les.smokers.flyers.xooit.eu
URL: https://les.smokers.flyers.xooit.eu/pub.php?cc=0&f=728x90&rp=1&p=728x90_header&ci=109&&id=950bfa04f43ad4ef18eebc61c48072e2&tmpparam=1&crtg_content=empty
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
ecf4f40344bc85b185fc1922f85c7d2af2e773e7d3cc43b5860cb93714e548b4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://les.smokers.flyers.xooit.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
text/javascript;charset=ISO-8859-1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
j68sFjLXIWIIQ
tags.clickintext.net/ Frame 2B0A
5 KB
2 KB
Script
General
Full URL
https://tags.clickintext.net/j68sFjLXIWIIQ?forceprotected=&optout=1
Requested by
Host: les.smokers.flyers.xooit.eu
URL: https://les.smokers.flyers.xooit.eu/pub.php?cc=0&f=728x90&rp=1&p=728x90_header&ci=109&&id=0d96d2c2950953542f332b26b66cfb51&tmpparam=1&crtg_content=empty
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
74f3c11254aa595fc78260b59040a17093a753e24f192233e07f297d14406aa5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://les.smokers.flyers.xooit.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
text/javascript;charset=ISO-8859-1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
loader.v8.php
lb.apicit.net/ Frame 9944
118 KB
41 KB
Script
General
Full URL
https://lb.apicit.net/loader.v8.php?apicitDatas=1%2Fcla%2Fcit7992&RK=CIT&optout=1&zid=52909&call=document.onapicitCall&jQ=
Requested by
Host: tags.clickintext.net
URL: https://tags.clickintext.net/j68sFjLXIWIIQ?forceprotected=&optout=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
e275dfcee0ca8e841f824b5be56af2a0636e530641760623b6a9072070f83774

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://les.smokers.flyers.xooit.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 10:52:35 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
content.php
www-107-classic.clickintext.net/execs/ Frame 9944
789 B
598 B
Script
General
Full URL
https://www-107-classic.clickintext.net/execs/content.php?v=1.0&a=7992&f=728x90&zk=j68sFjLXIWIIQ&ccn=0&frameId=frameCIT9960670a26b9f46ba125913c110c2b71i&apicitIdPAPXTime=937a449f9d8b101141b4744851c2095a&apicitIdPAPXTimeMore=o%5B1%5Dsw%5B0%5Dv[640x4b0]&top=https%3A//les.smokers.flyers.xooit.eu/index.php&pAv=1&mobile=0
Requested by
Host: tags.clickintext.net
URL: https://tags.clickintext.net/j68sFjLXIWIIQ?forceprotected=&optout=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
de61d109ebda8bb67eba90bc6e63d01de3e5e84765b4c555f1f50ab152afc5f0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://les.smokers.flyers.xooit.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 10:52:36 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
text/html; charset=ISO-8859-1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
content.php
www-107-classic.clickintext.net/execs/ Frame 2B0A
789 B
597 B
Script
General
Full URL
https://www-107-classic.clickintext.net/execs/content.php?v=1.0&a=7992&f=728x90&zk=j68sFjLXIWIIQ&ccn=1&frameId=frameCIT9336f1c5b736425e6223ca561dde36bei&apicitIdPAPXTime=937a449f9d8b101141b4744851c2095a&apicitIdPAPXTimeMore=o%5B1%5Dsw%5B0%5Dv[640x4b0]&top=https%3A//les.smokers.flyers.xooit.eu/index.php&pAv=1&mobile=0
Requested by
Host: tags.clickintext.net
URL: https://tags.clickintext.net/j68sFjLXIWIIQ?forceprotected=&optout=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
85c1988289b946db85194ed665e62d0255c71d51efe1b9b31c53e2d8cc250d4a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://les.smokers.flyers.xooit.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 10:52:36 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
text/html; charset=ISO-8859-1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
tags.clickintext.net/takeasafe/
2 B
244 B
Script
General
Full URL
https://tags.clickintext.net/takeasafe/?t=1717757555&k=a3881d&h=les.smokers.flyers.xooit.eu&
Requested by
Host: lb.apicit.net
URL: https://lb.apicit.net/loader.v8.php?apicitDatas=1%2Fcla%2Fcit7992&RK=CIT&optout=1&zid=52909&call=document.onapicitCall&jQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
0889a34434e586e918436027c4e8b4c3380f84643731bdeb57024adb8745cf53

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://les.smokers.flyers.xooit.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 10:52:36 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
text/html; charset=ISO-8859-1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
optimize.php
www-107.clickintext.net/extraintext/
29 KB
6 KB
Script
General
Full URL
https://www-107.clickintext.net/extraintext/optimize.php?r=1&a=52909&jQuery=2
Requested by
Host: lb.apicit.net
URL: https://lb.apicit.net/loader.v8.php?apicitDatas=1%2Fcla%2Fcit7992&RK=CIT&optout=1&zid=52909&call=document.onapicitCall&jQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.104.203 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3111402.ip-46-105-104.eu
Software
nginx /
Resource Hash
bd13406ac6d8b2eb049d97c7be57e4317bb6bbf8d4bf1fc1ddfc963b346f650e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://les.smokers.flyers.xooit.eu/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 07 Jun 2024 10:52:36 GMT
content-encoding
gzip
server
nginx
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 19 Nov 1981 08:52:00 GMT
favicon.ico
les.smokers.flyers.xooit.eu/
1 KB
1 KB
Other
General
Full URL
https://les.smokers.flyers.xooit.eu/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.135.39.46 Antwerp, Belgium, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e011c366c59120a0c7d4a3938c5bd0f1759519782ba7f162b270b4b4cd45b875
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://les.smokers.flyers.xooit.eu/index.php
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 10:52:36 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 25 Jun 2009 19:23:49 GMT
server
nginx
etag
"47e-46d3129cd7b40"
content-type
image/vnd.microsoft.icon
accept-ranges
bytes
content-length
1150

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| googletag object| gaGlobal object| Prototype object| Class function| PeriodicalExecuter function| Template object| $break object| Enumerable function| $A function| $w function| $H function| Hash function| $R function| ObjectRange object| Abstract object| Try object| Ajax object| Form object| Field function| $F object| Toggle object| Insertion object| $continue object| Position object| Effect object| Effect2 object| Control function| flashDetect function| gen_bar_field function| infoBoxClass object| dices function| dice function| show_eval function| do_eval function| do_eval_callback function| gotopage function| _hideBBCode object| hideBBCode function| hideBBCodeShowHide function| show_uploadbox function| quickQuote function| resizeStart object| jser function| loadjs function| my_document_write function| hexdec function| escapeChar function| rawurlencode function| encodeClassName function| _blink function| $ function| $$ undefined| Sizzle function| Selector function| $cE function| $cTN object| ListBox3 object| InfoBox3 function| BarField number| HideSelectsReasons object| infoBox function| jumpto function| multiprompt function| resizeClass function| smiliesTableClass function| chatimwith function| rgpdShowPopupCookie function| showPremium function| showOverPremium

8 Cookies

Domain/Path Name / Value
.les.smokers.flyers.xooit.eu/ Name: les_smokers_flyers_xooit_eu_sid
Value: 6e657700000000000000000000000000
.xooit.eu/ Name: _ga_965DXEW8TE
Value: GS1.1.1717757555.1.0.1717757555.0.0.0
.xooit.eu/ Name: _ga
Value: GA1.1.175658832.1717757555
les.smokers.flyers.xooit.eu/ Name: ww
Value: 1600
les.smokers.flyers.xooit.eu/ Name: criteo
Value: 1
les.smokers.flyers.xooit.eu/ Name: papSession
Value: 1
.apicit.net/ Name: sw
Value: 337179155
.apicit.net/ Name: apicit
Value: 937a449f9d8b101141b4744851c2095a

9 Console Messages

Source Level URL
Text
recommendation verbose URL: https://les.smokers.flyers.xooit.eu/index.php
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other warning URL: https://les.smokers.flyers.xooit.eu/index.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://les.smokers.flyers.xooit.eu/index.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://les.smokers.flyers.xooit.eu/index.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://les.smokers.flyers.xooit.eu/index.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://les.smokers.flyers.xooit.eu/index.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://les.smokers.flyers.xooit.eu/index.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://les.smokers.flyers.xooit.eu/index.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://les.smokers.flyers.xooit.eu/index.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
